Details
- Bug
- Status: Resolved
- Major
- Resolution: Fixed
- trunk, 2.6.2
Description
According to details found at https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/phishing-by-navigating-browser-tabs/, it is possible to change the "window.opener.location" value in browser windows opened using normal anchor tags where the "target" attribute is specified as "_blank".
This gives an attacker the ability to change the parent window's location and thus potentially allows a phishing attack to be invoked.
To mitigate this, it is suggested that the following attribute be set along with the "target" attribute:
rel="noopener noreferrer"
For example:
<a href="..." target="_blank" rel="noopener noreferrer">...</a>
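As an added example (not code from this ticket or its project), the following lint/fix pass finds anchors in an HTML fragment that open a new tab without the "noopener" rel token and adds rel="noopener noreferrer", merging it into any rel value already present. The sample fragment is constructed for the example.

```javascript
// Matches each opening <a ...> tag and captures its attribute text.
const ANCHOR_RE = /<a\b([^>]*)>/gi;

// Parse one tag's attribute text into a Map of lowercase name -> value.
// Handles double-quoted, single-quoted, unquoted and valueless attributes.
function parseAttrs(attrText) {
  const attrs = new Map();
  const re = /([^\s=\/]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let m;
  while ((m = re.exec(attrText)) !== null) {
    attrs.set(m[1].toLowerCase(), m[2] ?? m[3] ?? m[4] ?? "");
  }
  return attrs;
}

// An anchor is exposed to reverse tabnabbing when it opens a new tab
// (target="_blank") and its rel list does not already contain "noopener".
function isTabnabbable(attrs) {
  if ((attrs.get("target") || "").toLowerCase() !== "_blank") return false;
  const rel = (attrs.get("rel") || "").toLowerCase().split(/\s+/).filter(Boolean);
  return !rel.includes("noopener");
}

// Return the opening tags in `html` that still need the mitigation.
function findUnsafeAnchors(html) {
  return [...html.matchAll(ANCHOR_RE)]
    .filter((m) => isTabnabbable(parseAttrs(m[1])))
    .map((m) => m[0]);
}

// Rewrite unsafe anchors, merging noopener/noreferrer into any existing rel
// (e.g. rel="nofollow" becomes rel="nofollow noopener noreferrer").
function hardenAnchors(html) {
  return html.replace(ANCHOR_RE, (tag, attrText) => {
    const attrs = parseAttrs(attrText);
    if (!isTabnabbable(attrs)) return tag;
    const rel = (attrs.get("rel") || "").split(/\s+/).filter(Boolean);
    for (const tok of ["noopener", "noreferrer"]) {
      if (!rel.map((r) => r.toLowerCase()).includes(tok)) rel.push(tok);
    }
    const relAttr = `rel="${rel.join(" ")}"`;
    // Replace an existing rel attribute in place, or append a new one.
    const newAttrText = /\srel\s*=/i.test(attrText)
      ? attrText.replace(/(\s)rel\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+)/i, `$1${relAttr}`)
      : `${attrText.replace(/\s*$/, "")} ${relAttr}`;
    return `<a${newAttrText}>`;
  });
}

// Constructed sample fragment: two unsafe anchors, one already hardened, one same-tab link.
const SAMPLE = '<p><a href="/docs" target="_blank">Docs</a> ' +
  '<a href="https://example.org" target="_blank" rel="nofollow">Ext</a> ' +
  '<a href="/ok" target="_blank" rel="noopener noreferrer">Safe</a> ' +
  '<a href="/same">Same tab</a></p>';
```

Running findUnsafeAnchors over a template tree before release catches the pattern this ticket describes; hardenAnchors shows the minimal rewrite.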