top | item 29640199

(no title)

heax | 4 years ago

That is how I understood it also.

The new part of their discovery is that visiting a malicious website can run the attack on servers in the private network via a JavaScript application and websockets.

That means even applications which are not exposed to the internet can be attacked.

discuss

totony|4 years ago

still confused why browsers allow private network access from non-private domains