Hacker News new | past | comments | ask | show | jobs | submit login

Some user was able to open a browser modal with a custom message in everyones browser. Any ideas how they did that?



https://en.wikipedia.org/wiki/Cross-site_scripting

The author of the site was naughty and didn't do any sanitization :) They said they've fixed it in another comment, though.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: