[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FrameJammer DOM based XSS

Author:Hal Pawluk
Software Description: FrameJammer is a little javascript code which prevents opening framed pages outside their frameset. FrameJammer used to be distributed as a Macromedia Dreamweaver extension, nowadays web developers are spreading it with copy-paste.

FrameJammer does not validate user input (Window.Location) and therefore it contains a DOM Based XSS vulnerability.


I did not contact with the author. His website is down and I am not in the possession of his contact information.