Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Cross frame scripting - Vulnerability Database

Cross frame scripting

Description

This script is possibly vulnerable to Cross Frame Scripting (XFS) attacks.

This is an attack technique used to trick a user into thinking that fake web site content is legitimate data.

Remediation

Your script should filter metacharacters from user input.

References

Cross Frame Scripting

Related Vulnerabilities

Insecure Frame (External) Low
Common tags: XFS

Severity

Medium

Classification

CWE-79
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

XFS