Replying to Avatar jack

XSS vulnerability
Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 2y ago

β€œCross-site scripting is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.” I understood nothing, is it possible this could still happen to me putting my nsec into these new clients ??

Reply to this note

Please Login to reply.

Discussion

Avatar
matata 2y ago

would like to know too.. and if it's also something that can happen with mobile apps

i see it can be done with phishing links

and can ppl do this with img urls too? they automatically open since we can see them, right?

Avatar
π•Ύπ–Šπ–— π•Ύπ–‘π–Šπ–Šπ–•π–ž 2y ago

Yeah also is there a browser that would protect from such attacks ?

Avatar
Jonathan 2y ago

Definitely not in a mobile app AFAIK. It’s a browser problem. Image files a different. It’s simply a file. There’s no code being run unlike a web page.