Target=”_blank” — the most underestimated vulnerability ever

window.opener.location = ‘https://fakewebsite/facebook.com/PHISHING-PAGE.html';

How to fix

Add this to your outgoing links.

rel="noopener"
rel="noopener noreferrer"
var newWnd = window.open();
newWnd.opener = null;

--

--

Alexander Yumashev — founder of https://www.jitbit.com. Hacker, father, snowboarder, bass-player.

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alex Yumashev

Alex Yumashev

605 Followers

Alexander Yumashev — founder of https://www.jitbit.com. Hacker, father, snowboarder, bass-player.