Most modern web applications load resources such as fonts and JavaScript from other domains or a CDN. CORS is a security feature that prevents unauthorized access to web resources. However, depending on how it’s implemented CORS can still be attacked. Let’s first take...
JavaScript is a bit like Marmite, you either love it or hate it. Regardless of how it makes us feel, it is a powerful tool for attacking users and exploitation. Often, popping alert(1) is proof enough to get a fix but doesn’t demonstrate the full impact an attacker...
