jeger opened this issue 3 years ago · 0 comments
We could still demonstrate the XSS attack by making is stored in cookies. This would allow to add XSRF attack as well.