Changes between Initial Version and Version 2 of Ticket #1859


Ignore:
Timestamp:
2012-11-15T02:55:43Z (13 years ago)
Author:
nejucomo
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #1859

    • Property Keywords security javascript same-origin capleak added
    • Property Priority changed from normal to major
    • Property Component changed from unknown to code-frontend-web

  • Ticket #1859 – Description

    initial v2  
    5555**Related Tickets**:
    5656
    57 * #615 is more about boot-strapping an attack rather than illicitly gaining victim capabilities.
     57* #615 is about illicitly gaining victim capabilities; whereas this ticket is about bootstrapping and attack and/or abusing ambient authority.
    5858* #1215 is about adding CORS support and how that may create a vulnerability; this script demonstrates even without CORS support similar vulnerabilities already exist.