Six security vulnerabilities from a year of HackerOne (opens in new tab)

(flexport.engineering)

42 pointsnestlequ1k8y ago2 comments

2 comments

dmnd8y ago

Fun fact: dangerouslySetInnerHtml was almost going to be called insertXssVulnerabilityHere.

I wonder if vulnerability #2 from the post would still have happened if the name was that blatant.

khana8y ago

That one about _blank hrefs - Good one! Thank you.

j / k navigate · click thread line to collapse

(flexport.engineering)

42 pointsnestlequ1k8y ago2 comments

dmnd8y ago

Fun fact: dangerouslySetInnerHtml was almost going to be called insertXssVulnerabilityHere.

I wonder if vulnerability #2 from the post would still have happened if the name was that blatant.

khana8y ago

That one about _blank hrefs - Good one! Thank you.

j / k navigate · click thread line to collapse