Reverse Tabnabbing Vulnerability in Outgoing Links
Medium
Vulnerability Details
The external links in the reports are not properly handled, using the issue the links can access the openers and replace them with some other page.
To Verify the issue, just go to any report which do have any external link and inspect the proceed button.
Where the issue lies:
rel="noreferrer"
Proper Fix:
rel="nofollow noopener noreferrer"
Browser teted in: Opera 11.64
I hope you would soon look into this. Kindly resolve the issue.
Regards.
Actions
View on HackerOneReport Stats
- Report ID: 284143
- State: Closed
- Substate: informative
- Upvotes: 3