Skip to content Skip to sidebar Skip to footer
Home / Frame / Internet Explorer / Javascript / Security / Xfs

Frame Onkeydown Feedback

Post a Comment
I'm trying to do a PoC for a Cross Frame Scripting attack (https://www.owasp.org/index.php/Cross_Frame_Scripting) to show in my job how dangerous can be this attack for any version

Solution 1:

There's probably nothing wrong with your code. Cross Frame Scripting is not a real vulnerability - it is only a vulnerability in old versions of Internet Explorer that contains a bug where the onkeypress event is triggered inside the parent frame, despite the domains not matching where this would usually be protected by the Same Origin Policy.

Other Cross Frame Scripting attacks are merely Cross Site Scripting attacks with a different name because they involve frames.

Post a Comment for "Frame Onkeydown Feedback"