Y
Hacker News
new
|
ask
|
show
|
jobs
by
the8472
702 days ago
Stopping at 3 might already be enough if the background script has a sufficiently juicy bug that can be triggered by a message, e.g. if you can exfiltrate cookies or trigger requests with the user's credentials.