Y
Hacker News
new
|
ask
|
show
|
jobs
by
x-sam
4949 days ago
one of the main reasons, that someone could find XSS on your website. Afterwards, he needs just to open an iframe and you may get your password in a plan-text.
without any redirects and other hijackings