Frame injection

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

A frame injection attack is an attack on Internet Explorer 5, Internet Explorer 6 and Internet Explorer 7 to load arbitrary code in the browser.[1] This attack is caused by Internet Explorer not checking the destination of the resulting frame,[2] therefore allowing arbitrary code such as JavaScript or VBScript. This also happens when code gets injected through frames due to scripts not validating their input.[3] This other type of frame injection affects all browsers and scripts that do not validate untrusted input.[4]

References

[edit | edit source]
  1. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  2. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  3. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
  4. ^ Lua error in Module:Citation/CS1/Configuration at line 2172: attempt to index field '?' (a nil value).
[edit | edit source]
Retrieved from "http://70.231.62.181/index.php?title=Frame_injection&oldid=7435245"