Web forgery overwrite with div overlay

ID MFSA2008-11
Type mozilla
Reporter Mozilla Foundation
Modified 2008-02-07T00:00:00


Security researchers Emil Ljungdahl and Lars-Olof Moilanen demonstrated that, in cases where the entire contents of a page are enclosed in a <div> with absolute positioning, a web forgery warning dialog won't be displayed unless the user switches tabs away-from then back-to the forgery page.