Start writing a doc for what we can do as penetration testing

[SimoneFerraris]

XSS

https://stackoverflow.com/questions/33644499/what-does-it-mean-when-they-say-react-is-xss-protected

https://medium.com/@jurouhlar/quick-devnotes-xss-vulnerabilities-in-react-45d9f683a7d2

[SimoneFerraris]

Various

https://www.thirdrocktechkno.com/blog/react-security-vulnerabilities/

[SimoneFerraris]

zip slip

https://security.snyk.io/research/zip-slip-vulnerability

[SimoneFerraris]

CSRF

https://owasp.org/www-community/attacks/csrf

[SimoneFerraris]

for xss remote requests https://webhook.site