Clickjacking
Medium
P
Pushwoosh
Submitted None
Actions:
Reported by
b1b62e8d81ce1e3993ad913
Vulnerability Details
Technical details and impact analysis
Steps to reproduce:
create index.html file with following content:
<iframe sandbox="allow-scripts allow-forms" src="https://go.pushwoosh.com/register" width="1000" height="600"></iframe>
Open index.html in browser
Actual result: Pushwoosh viewed in iframe.
Expected result: do not allow clickjacking
Root cause:
```
var isInIFrame = (function () {
try {
return window.self !== window.top;
} catch (e) {
return true;
}
})();
```
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
UI Redressing (Clickjacking)