Read Time:20 Second
Description
The software includes web functionality (such as a web widget) from another domain, which causes it to operate within the domain of the software, potentially granting total access and control of the software to the untrusted source.
Modes of Introduction:
– Implementation
Likelihood of Exploit:
Related Weaknesses
Consequences
Confidentiality, Integrity, Availability: Execute Unauthorized Code or Commands
Potential Mitigations
CVE References