When you open a link in a new tab ( target="_blank" ), the page that opens in a new tab can access the initial tab and change it's location using the window.opener property.
Browsers Verified In:
Steps To Reproduce:
In Image F133659, If you notice the links go through
https://www.coinbase.com/external_redirect except "Bloomberg"
Since Bloomberg works on
http, If you're in the same network you can manipulate the bloomberg page and inject a script which manipulates
I understand this is very trivial to exploit and does not have very big impact