Y
Hacker News
new
|
ask
|
show
|
jobs
by
jtokoph
4819 days ago
I think cookie values are more of a risk for SQL injection or RCE than XSS. If the code that builds the session lookup query or cookie parsing code isn't safe, you're gonna have a problem.