Y
Hacker News
new
|
ask
|
show
|
jobs
by
d3c0d3dab0d3
4773 days ago
If you can inject JS then you can steal session cookies. Other stuff too, but XSS is a big deal.