Reverse Tabnabbing

ID

reverse_tabnabbing

Severity

high

Kind

Security Misconfiguration

CWE

1022

Description

At least one link on this page is vulnerable to reverse tabnabbing: it uses a target attribute without both the "noopener" and "noreferrer" keywords in its "rel" attribute, so the page it opens keeps a handle on this page and can navigate it elsewhere.

Rationale

When a link uses target="_blank" without rel="noopener noreferrer", the opened page receives a reference to the originating page's window via window.opener. The Same-Origin Policy stops it from reading the opener's contents, but it may still assign window.opener.location, which is enough to redirect the original tab to a phishing site that mimics the legitimate application while the user is busy in the new tab. When the user returns, they may enter credentials on the fake page, believing they were logged out or the session expired. Note that current browsers (Chrome 88+, Firefox 79+, Safari 12.1+) treat target="_blank" on anchors as implying noopener, so the attack mainly affects older browsers and links opened from script; "noreferrer" also implies "noopener" in the HTML specification and additionally suppresses the Referer header, which is why both keywords are recommended together.

Remediation

Avoid the target attribute where possible. If a link must open in a new window or tab, also add rel="noopener noreferrer" so the opened page receives no window.opener reference and no Referer header.
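The following is an added example, not code from the original page or from the scanner that produced this finding. It implements the check described in the Rationale and the fix described in the Remediation as a small offline audit over raw HTML: it flags every anchor that carries a target attribute (other than the default "_self") without both "noopener" and "noreferrer" in rel, and rewrites such anchors to add the missing tokens. The sample markup is constructed for the example; the regex-based attribute parsing is a deliberate simplification and a production scanner should use a real HTML parser.

```javascript
// Added example (not the page's or the scanner's own code): audit HTML
// anchors for the reverse-tabnabbing pattern and apply the remediation.
// Runs in Node without a DOM because it works on the markup string.

// Match <a ...> start tags (word boundary excludes <abbr>, <area>, etc.).
const ANCHOR_RE = /<a\b([^>]*)>/gi;
// Match name="value", name='value', name=value, or a bare attribute name.
const ATTR_RE = /([^\s=\/"'<>]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

function parseAttrs(attrText) {
  const attrs = {};
  for (const m of attrText.matchAll(ATTR_RE)) {
    const name = m[1].toLowerCase();
    const value = m[2] ?? m[3] ?? m[4] ?? '';
    attrs[name] = value;
  }
  return attrs;
}

// rel is a whitespace-separated, case-insensitive token list.
function relTokens(rel) {
  return new Set((rel || '').toLowerCase().split(/\s+/).filter(Boolean));
}

// The rule this finding applies: a target attribute requires BOTH noopener
// and noreferrer. target="_self" is the default and never creates a new
// browsing context, so it is not flagged.
function isVulnerableAnchor(attrs) {
  if (!('target' in attrs) || attrs.target.toLowerCase() === '_self') return false;
  const rel = relTokens(attrs.rel);
  return !(rel.has('noopener') && rel.has('noreferrer'));
}

// Detection: return one finding per vulnerable anchor.
function findTabnabbingLinks(html) {
  const findings = [];
  for (const m of html.matchAll(ANCHOR_RE)) {
    const attrs = parseAttrs(m[1]);
    if (isVulnerableAnchor(attrs)) {
      findings.push({
        tag: m[0],
        href: attrs.href || '',
        target: attrs.target,
        rel: attrs.rel || '',
      });
    }
  }
  return findings;
}

// Remediation: add the missing rel tokens to every flagged anchor while
// keeping tokens already present (e.g. rel="nofollow").
function hardenAnchors(html) {
  return html.replace(ANCHOR_RE, (tag, attrText) => {
    const attrs = parseAttrs(attrText);
    if (!isVulnerableAnchor(attrs)) return tag;
    const tokens = relTokens(attrs.rel);
    tokens.add('noopener');
    tokens.add('noreferrer');
    const relValue = [...tokens].join(' ');
    if ('rel' in attrs) {
      // Replace the existing rel="..." (preceded by whitespace) in place.
      return tag.replace(/(\s)rel\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+)/i, `$1rel="${relValue}"`);
    }
    // No rel at all: append one before the closing '>'.
    return `<a${attrText} rel="${relValue}">`;
  });
}

// Constructed sample markup (not from any real site).
const SAMPLE_HTML = `
<a href="https://example.com/docs" target="_blank">Docs</a>
<a href="https://example.com/blog" target="_blank" rel="noopener noreferrer">Blog</a>
<a href="https://partner.example" target="_blank" rel="nofollow">Partner</a>
<a href="/account" target="_self">Account</a>
<a href="/help">Help</a>
<a href="https://example.com/x" target="_blank" rel="noreferrer">X</a>
`;

// Docs (no rel), Partner (nofollow only) and X (noreferrer only) are flagged;
// after hardening, a re-audit reports nothing.
for (const f of findTabnabbingLinks(SAMPLE_HTML)) {
  console.log(`vulnerable: ${f.href} target=${f.target} rel="${f.rel}"`);
}
console.log(hardenAnchors(SAMPLE_HTML));
```

Links opened from script need the same treatment: window.open(url, "_blank") shares window.opener with the new page even in browsers that default anchors to noopener, so pass the feature string explicitly, as in window.open(url, "_blank", "noopener,noreferrer"). The attacker-side payload the Rationale describes is a single assignment in the opened page, window.opener.location = "https://phish.example/login", which succeeds cross-origin whenever opener is not null.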