Tabbed Browsing Vulnerability

October 22, 2004

Most browsers, including Opera, have been reported vulnerable to the Dialog Box Spoofing Vulnerability. An inactive tab can launch a dialog box that appears to be displayed by the web site in another, active tab. A malicious web site can exploit this to show a dialog box that seems to originate from a trusted web site. To see if your browser is affected by this vulnerability, use this test.

Possible Solution.

Tie the dialog box to the tabbed window that opened it and only show it when its parent window is active.
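The following is an added example, not code from the original post or from any browser: a small model of the fix described above, where a dialog requested by an inactive tab is queued and only displayed once its own tab is in front. The class, the tab IDs and the `*.example` origins are assumptions made for illustration.

```javascript
// Minimal model of a tabbed browser's dialog handling (constructed for illustration).
class TabbedBrowser {
  constructor(tieDialogsToTab) {
    this.tieDialogsToTab = tieDialogsToTab; // false = behaviour described in the report
    this.tabs = new Map();                  // tabId -> { origin, pending: [] }
    this.activeTab = null;
    this.shown = [];                        // every dialog that reached the screen
  }
  openTab(tabId, origin) {
    this.tabs.set(tabId, { origin, pending: [] });
    if (this.activeTab === null) this.activeTab = tabId;
  }
  // A page in tabId asks for a dialog (alert/confirm/prompt).
  requestDialog(tabId, message) {
    const tab = this.tabs.get(tabId);
    if (!tab) throw new Error(`unknown tab: ${tabId}`);
    const dialog = { owner: tabId, ownerOrigin: tab.origin, message };
    if (this.tieDialogsToTab && tabId !== this.activeTab) {
      tab.pending.push(dialog);             // hold it until the owning tab is in front
      return null;
    }
    return this.display(dialog);
  }
  // Record which site was visible behind the dialog when it appeared.
  display(dialog) {
    const visibleOrigin = this.tabs.get(this.activeTab).origin;
    const event = { ...dialog, visibleOrigin, misattributed: visibleOrigin !== dialog.ownerOrigin };
    this.shown.push(event);
    return event;
  }
  // Switching tabs releases any dialogs the newly active tab had queued.
  activate(tabId) {
    const tab = this.tabs.get(tabId);
    if (!tab) throw new Error(`unknown tab: ${tabId}`);
    this.activeTab = tabId;
    return tab.pending.splice(0).map((d) => this.display(d));
  }
}

// Constructed scenario: a trusted site is in front, a second tab asks for a dialog.
function scenario(tieDialogsToTab) {
  const b = new TabbedBrowser(tieDialogsToTab);
  b.openTab("t1", "https://trusted.example");   // active tab
  b.openTab("t2", "https://other.example");     // inactive tab
  const whileInactive = b.requestDialog("t2", "dialog requested by t2");
  const afterSwitch = b.activate("t2");
  return { whileInactive, afterSwitch, shown: b.shown };
}
```

With `scenario(false)` the dialog appears over the trusted site and is flagged `misattributed`; with `scenario(true)` nothing is shown until the user switches to the tab that requested it.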

