CWE-1022
Use of Web Link to Untrusted Target with window.opener Access
The web application produces links to untrusted external sites outside of its sphere of control, but it does not properly prevent the external site from modifying security-critical properties of the window.opener object, such as the location property.
Official CWE-1022 definition at MITREImpactr finds and proves weaknesses like CWE-1022 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist