|
|
|
|
|
|
by tcgv
4530 days ago
|
|
|
- "If you're able to execute your own JS on SUB1.example.com it can cookie-bomb not only your SUB1 but the entire *.example.com network, including example.com" So you've got to be able to execute JS in a subdomain to plant a cookie bomb that will affect the entire domain. |
|
|