Conditions préalables
Victim's browser visits a website that contains attacker's Java ScriptJava Script is not disabled in the victim's browser
Atténuations
Configuration: Disable Java Script in the browser
Faiblesses connexes
CWE-ID |
Nom de la faiblesse |
|
Exposure of Sensitive Information to an Unauthorized Actor The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Références
REF-410
Detecting browsers javascript hacks
Gareth Heyes.
http://www.thespanner.co.uk/2009/01/29/detecting-browsers-javascript-hacks/
Soumission
Nom |
Organisation |
Date |
Date de publication |
CAPEC Content Team |
The MITRE Corporation |
2014-06-23 +00:00 |
|
Modifications
Nom |
Organisation |
Date |
Commentaire |
CAPEC Content Team |
The MITRE Corporation |
2022-09-29 +00:00 |
Updated Example_Instances |