ng-token-auth/src/ng-token-auth.coffee
Line 154 in 85a72ae

postMessage handler. The code for this handler does NOT verify the message origin. This is an issue because any site can send a postMessage to the application and it will be processed. Details in this blog post.

As far as I can see, the attacker has the potential to:

Force the victim's application to be logged in using attacker credentials by sending a postMessage with deliverCredentials and a valid OAuth token for the attacker's account. If the attack is well crafted, the victim might end up sending private data to the attacker's account; the attacker can then read this information.

Force the victim to log out (to be confirmed) by sending authFailure.
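The fix the report is asking for is an origin check on the message handler. The following is an added example of such a hardened handler, not code from ng-token-auth; the message names deliverCredentials and authFailure come from the issue, while the allowlisted origin, the auth_token field and the handler callback names are assumptions.

```javascript
// Added example (not ng-token-auth's own code): a postMessage handler that
// only acts on "deliverCredentials" / "authFailure" messages when
// event.origin is on an explicit allowlist. The payload field name
// (auth_token) and the callback names are assumptions.
const ALLOWED_ORIGINS = new Set(['https://auth.example.com']); // constructed

function normalizeOrigin(origin) {
  // Compare origins as exact strings. Prefix or substring checks would
  // accept look-alikes such as "https://auth.example.com.evil.test".
  try {
    return new URL(origin).origin;
  } catch (e) {
    return null; // "null" (opaque origin) and garbage both end up here
  }
}

function createAuthMessageHandler(allowedOrigins, handlers) {
  return function onMessage(event) {
    const origin = normalizeOrigin(event.origin);
    if (origin === null || !allowedOrigins.has(origin)) {
      // Unexpected sender: ignore, and return a reason so callers can log it.
      return { action: 'ignored', reason: 'untrusted-origin', origin: event.origin };
    }
    const data = event.data && typeof event.data === 'object' ? event.data : {};
    switch (data.message) {
      case 'deliverCredentials':
        if (typeof data.auth_token !== 'string' || data.auth_token.length === 0) {
          return { action: 'ignored', reason: 'malformed-credentials' };
        }
        handlers.onCredentials(data);
        return { action: 'deliverCredentials' };
      case 'authFailure':
        handlers.onAuthFailure(data);
        return { action: 'authFailure' };
      default:
        return { action: 'ignored', reason: 'unknown-message' };
    }
  };
}

// Browser usage:
// window.addEventListener('message',
//   createAuthMessageHandler(ALLOWED_ORIGINS, { onCredentials, onAuthFailure }));
```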