[SuggestedReading] CSP: bypassing form-action with reflected XSS http://ift.tt/25KDxcf
-
-
Replying to @ChrisJohnRiley
@ChrisJohnRiley any csp directive can be bypassed with js execution. Form-action is no different cc@fransrosen1 reply 1 retweet 2 likes
Replying to @kkotowicz
@kkotowicz @ChrisJohnRiley @fransrosen meant without script, maybe should clarify in the post, thanks.
12:13 PM - 6 Apr 2016
0 replies
0 retweets
2 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.