Project

General

Profile

Bug #60413

cross origin attack with js window.open target='_blank'

Added by Alexey Bobyr over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Alexey Bobyr
Category:
Scalix Webmail (SWA)
Target version:
Start date:
05/08/2016
Due date:
05/08/2016
% Done:

100%

Estimated time:
Operation System:
--


Files

History

#1

Updated by Alexey Bobyr over 3 years ago

send email with link pointed to https://mathiasbynens.github.io/rel-noopener/malicious.html to yourself

it must be working link (in webmail using ctrl+c/ctrl+v just insert it as text) ...

then open this email . and click . .....

#2

Updated by Alexey Bobyr over 3 years ago

  • Private changed from No to Yes
#3

Updated by Alexey Bobyr over 3 years ago

  • Private changed from Yes to No
#4

Updated by Alexey Bobyr over 3 years ago

  • Due date set to 05/08/2016
  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Also available in: Atom PDF