appsec
fuckReddit
•
1y ago
•
100%
Account Takeover in Canvas Apps served in Comet due to failure in Cross-Window-Message Origin validation
https://ysamm.com/?p=783x-posted from /r/netsec by /u/yqopmin
Comments 0