Update wildcard-postmessage.yaml
parent
8c50dc94d9
commit
bd7292acd3
|
@ -3,7 +3,7 @@ id: wildcard-postmessage
|
|||
info:
|
||||
name: postMessage - Cross-Site Scripting
|
||||
author: pdteam
|
||||
severity: high
|
||||
severity: unknown
|
||||
description: postMessage contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and therefore steal cookie-based authentication credentials and launch other attacks.
|
||||
reference:
|
||||
- https://jlajara.gitlab.io/web/2020/06/12/Dom_XSS_PostMessage.html
|
||||
|
|
Loading…
Reference in New Issue