Escaping an Unsandboxed Iframe
In this post I show how a malicious redirect can be performed on a trusted website if the trusted site contains an unsandboxed iframe pointing to an untrusted site.
Consider this scenario:
A website which the victim is likely to trust allows other s...
jamesonhacking.hashnode.dev2 min read