Audible free book:
JavaScript is dangerous! Why? How are websites vulnerable to it? Find out about bug-bounties from Tom Scott.

More from Tom Scott: and

This video was filmed and edited by Sean Riley.

Computerphile is a sister project to Brady Haran’s Numberphile. See the full list of Brady’s video projects at:

Comments (27)

  1. I would also tell a bit about other ways javascript can get into your page like ads and etc

  2. I'm a BS Physics student(first year) I really want to learn more about Cyber Security, I want to shift but I would waste my scholarship so yeah I'm watching your videos…Thank you!

  3. Well explained, but he didn't specify any concrete technique for executive such an attack (possibly intentional).
    Though, explains the mechanics well enough that one could figure it out. ☺️

  4. It is so easy to forget (to end/close a tag), or they do it on purpose … and not for free …

  5. Oooooorrrr, you can command JavaScript to create web upload form and upload a php file with your filemanager shell and you can modify, add, or delete contents on the pages! 😁

  6. If instead of using a sheet of paper and your "scribbles" you did a demonstration, directly on the internet, to prove that this is true, perhaps it would have some credibility. Here in Brazil we usually say that "paper accepts everything".

  7. But how can you influence the web page of others by just modifying script on the page you were sent ? You can modify whatever you want, but when another person will send a request to the site, it will send them back the original page, without any of the modification you applied. Am I wrong ?

  8. His way of talking shows like he is Mark Zuckerberg's brother! By the way … Who's from 2018 here!!!!

Comments are closed.