[Owasp-testing] Frame Hijacking

Luca.carettoni luca.carettoni at ikkisoft.com
Tue Aug 19 05:32:45 EDT 2008


Hi folks,
           I am aware that you are going to close the OWASP Testing Guide within this month but I have just noticed a small lack. 
I was not able to find any reference regarding Frame Hijacking (e.g. via named frames).

>From the technical point of view, how do you evaluate this vulnerability in term of impact?
This flaw can be used to facilitate phishing traps, however I'm wondering if it should be considered as a departure from best practice or a "real" flaw. 
I'm looking forward to receiving your comments.

Since I am probably late, it could be a reminder for the next testing guide :)

Cheers,
Luca "ikki" 


More information about the Owasp-testing mailing list