Why is XSS still a thing?
I'm studying OWASPs resources on XSS:
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
But I'm wondering why browsers are so permissive with script. For example, are there really legitimate uses for script in URLs??
I'm studying OWASPs resources on XSS:
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
But I'm wondering why browsers are so permissive with script. For example, are there really legitimate uses for script in URLs??
Comments
Post a Comment