Passbolt Api Tabnabbing when opening URI with menu "Open URI in a new tab"

2024-05-2017:09:57

CWE-657

GitHub Advisory Database

github.com

security

malicious uri

window.opener

phishing

javascript function

data integrity

code fix

software

7.2 High

AI Score

Confidence

Low

JSON

Description

A user could create and share a resource with a malicious URI. When the victim opens with menu “Open URI in a new tab” function, the malicious page has access to the window.opener object.

Impact of issue

The newly opened malicious page can for example change the window.opener.location to redirect the user to a phishing page, or call a JavaScript function served by the AppJS on the user behalf for example to try to affect the integrity of the data.

Fix

The code that opens a new window via window.open(); now open the tab with the noopener attribute.

Affected configurations

Vulners

Node

passboltpassbolt_apiRange<2.11.0

CPENameOperatorVersion
passbolt/passbolt_apilt2.11.0

CPE	Name	Operator	Version
	passbolt/passbolt_api	lt	2.11.0

References

github.com/advisories/GHSA-qm5v-pj64-852j

github.com/FriendsOfPHP/security-advisories/blob/master/passbolt/passbolt_api/2019-08-07-3.yaml

github.com/passbolt/passbolt_api/commit/f568e113beb3134446eda9e66400d28d726ee20d

www.passbolt.com/incidents/20190807_multiple_vulnerabilities

7.2 High

AI Score

Confidence

Low

JSON