Home / Vulnerability Database / JavaScript : Overly permissive message posting policy
JavaScript
JavaScript : Overly permissive message posting policy
Classification
OWASP Top 10 2013
OWASP Top 10 2017
OWASP Top 10 2021
HIPAA
CWE
Overview
The application sends a cross-document message with an overly permissive target origin.
HTML5 allows to send messages to other windows via cross-document messaging. The target window must be specified. Overly permissive target origin may allow a malicious script to violate data confidentiality.
MEDIUM
DerScanner Severity Score
Do you want to fix JavaScript : Overly permissive message posting policy in your application?
See also
JavaScript
JavaScript : Null salt
JavaScript
JavaScript : Empty encryption key
JavaScript