Y
Hacker News
new
|
ask
|
show
|
jobs
by
benregenspan
4765 days ago
This seems like it's just plain XSS - it doesn't take advantage of a user's serverside session to forge an action on their behalf.