Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:47150
HistoryMay 23, 2024 - 12:11 p.m.

Tabnabbing

2024-05-2312:11:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
1
tabnabbing
passbolt_api
vulnerability
malicious uri
window.opener object

6.9 Medium

AI Score

Confidence

Low

JSON

passbolt/passbolt_api is vulnerable to Tapnabbing. The vulnerability is due to a flaw where a user can create and share a resource with a malicious URI that, when opened by the victim using the β€œOpen URI in a new tab” function, grants the malicious page access to the window.opener object

6.9 Medium

AI Score

Confidence

Low

JSON