bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/osx/dos/24843.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

9 lines
No EOL
910 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/11949/info
A vulnerability has been identified in Apple Safari Web Browser that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site.
The issue presents itself when an attacker creates an HTML form with the submit 'value' property set to a legitimate site and the 'action' property set to the attacker-specified site. The malicious form could also be embedded in a link using the HTML Anchor tag and specifying the legitimate site as the 'href' property. As a result, the attacker-supplied link would point to the legitimate site and the status bar would display the address of the legitimate site as well.
<form action="http://www.malicious.com/" method="get">
<a href="http://www.example.com/"><input type="image" src="http://images.example.com/title.gif"></a>
</form>
Reference in a new issue View git blame Copy permalink