Attacking Electron JavaScript Applications – from Cross-Site Scripting (XSS) to Remote Command Execution (RCE)

“The growing list of graphics formats relate primarily to static displays. But some people feel a Web page isn’t sufficiently exciting unless it moves. At a minimum, they want the page to change as a user interacts. Pop-up balloons and menus, and forms that fill themselves in, are simple examples we find today on the Web. These work because a small program, or script, is loaded with the page. It operates the page like the hand inside a puppet, in response to the user’s actions.”

Sir Tim Berners Lee and Mark Fischietti [1]

Welcome to the sixth chapter of this book, where we will analyze cross-site scripting (XSS) and how to make a ...

Get Attacking and Exploiting Modern Web Applications now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.