score:11

Accepted answer

The frontend is inherently insecure. I can inject my own code any time. Setup breakpoints and manipulate variables during runtime. With that in mind. I could put anything I wanted in a redux store and get any value out of it. This includes setting an admin permission/flag to true. I could also trigger the reducers to run with the new value.


Related Query

More Query from same tag