Skip to main content

Postmessage Vulnerabilities

Postmessage Vulnerabilities notes migrated from GitBook.

📄️ index

postMessage() Vulnerabilities

📄️ bypassing-x-frame-options-with-window.open

Bypassing X-Frame-Options with window.open()

📄️ from-self-xss-to-real-xss

From self-XSS to real XSS

📄️ insecure-listener-origin-not-checked

Insecure Listener (Origin Not Checked)

📄️ origin-as-wildcard

Origin as Wildcard (\*)