By "using simple HTML injection" I'm thinking of a form where they don't sanitiz... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		MBCook on June 20, 2016 \| parent \| context \| favorite \| on: Bought and returned set of WiFi home security came... By "using simple HTML injection" I'm thinking of a form where they don't sanitize input so you could put a <video> tag in the 'name' field and suddenly the video would appear on the page. Getting access to the administrator account is pretty different.

nitrogen on June 22, 2016 [–]

Not for a high school student. School networks tend to be very insecure, and the students tend to see them as just another resource in their education.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact