Databases
StackOverflow2013
Postsdbo
POXSS attack in a window.open popup
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POXSS attack in a window.open popup
    text
    copied!<p>We faced an XSS attack in an iframe which we ship to our customers. Owing to senstivity of iframes we decided to go for Window.open method. Below is a sample attached JS which sits in customer's space. Can anyone enlighten on how it is vulnerable to XSS </p> <pre><code>&lt;p&gt; &lt;script type="text/javascript"&gt; function invokeVidteqPopup() { window.open('http://www.vidteq.com/stage/which.php?urlid=cis','Video','status=1,width=800,height=600,scrollbars=0,resizable=1'); } document.write("&lt;span style='text-align:left;'&gt;&lt;a style='font-family:Trebuchet MS,Arial;cursor:pointer;font-size:15px;color:black;border: 0px solid black' onclick=invokeVidteqPopup();&gt;Click For Video Directions&lt;/a&gt;&lt;span&gt;&lt;br/&gt;&lt;a href='javascript:void(0);' style='border: 0px solid black' onclick=invokeVidteqPopup(); &gt;&lt;img src='images/sub/vidteq_map.jpg' style='cursor:pointer;border: 0px solid black'/&gt;&lt;/a&gt;"); &lt;/script&gt; &lt;span style="text-align: left;"&gt; &lt;a onclick="invokeVidteqPopup();" style="border: 0px solid black; font-family: Trebuchet MS,Arial; cursor: pointer; font-size: 15px; color: black;"&gt;Click For Video Directions&lt;/a&gt; &lt;span&gt; &lt;br/&gt; &lt;a onclick="invokeVidteqPopup();" style="border: 0px solid black;" href="javascript:void(0);"&gt; &lt;img style="border: 0px solid black; cursor: pointer;" src="images/sub/vidteq_map.jpg"/&gt; &lt;/a&gt; &lt;/span&gt; &lt;/span&gt; &lt;/p&gt; </code></pre> <p>An additional similar function was found injected on the page </p> <pre><code>function ow(theURL) { //v2.0 window.open(theURL,'h','width=600,HEIGHT=500,screenY=10,left=10,top=10,screenX=10,statusbar=0,menubar=0,resizable=0'); } </code></pre> <p>Is it a consequence of XSS or some other malicious stuff </p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload