22 matches found
Reverse Tabnapping
Overview Versions of swagger-ui prior to 3.18.0 are vulnerable to Reverse Tabnapping. The package uses target='blank' in anchor tags, allowing attackers to access window.opener for the original page. This is commonly used for phishing attacks. Recommendation Upgrade to version 3.18.0 or later...
Tabnapping Phishing Proof Of Concept
I just stumbled across this credit goes to http://www.pjlantz.com/2010/05/tabnapping.html and Aza Raskin and while rough, certainly has potential given the right circumstances. I added a quick PoC, though I'm on a NAT and can't provide you a working link atm, though it seemed to work fine using t...