Summary

  • A cybersecurity researcher has uncovered a vulnerability in the HackerOne platform that allows a malicious link to open in a new tab and take control of the original tab.
  • Using the window.opener feature of web browsers, the new tab can modify the original tab’s content, redirect it to another domain, or execute scripts in its context.
  • This could lead to phishing, session redirection, or worse, expose the user to malicious code or exploits since the vulnerability permits the new tab to access the session information of the original one.
  • The researcher reported the issue to HackerOne in December 2021, and the company fixed it within a week, awarding the researcher a $500 bounty.
  • It underlines the need for developers to ensure that their applications are fully aware of, and vigilant about, the capabilities requested by any incoming URLs, and the potential for abuse or misuse of functionality such as window.opener, which mitigations like setting window.opener to null are meant to close.
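The defensive side of the issue summarised above, as an added example that is not code from the original article or from HackerOne: a small audit that flags `target="_blank"` anchors lacking `rel="noopener"`, a rewrite that adds `rel="noopener noreferrer"` to them, and a wrapper for script-driven `window.open` calls that passes the `noopener` feature and nulls `opener` on the returned handle. The scanner is regex-based and assumes well-formed single anchor tags; the `win` parameter of `safeOpen` is injected so the function can be exercised outside a browser. All names and the sample HTML are constructed for this example.

```javascript
// Added example: audit and harden links that open a new tab so the new
// tab cannot reach back through window.opener. Regex-based scan meant for
// static templates or a CI check, not a full HTML parser (assumption:
// anchors are well-formed single tags with no ">" inside attribute values).

const ANCHOR_RE = /<a\b[^>]*>/gi;

// Parse the attributes of one opening <a ...> tag into a Map keyed by
// lower-cased attribute name; valueless attributes map to ''.
function parseAttrs(tag) {
  const attrs = new Map();
  const attrRe = /([a-zA-Z_:][-a-zA-Z0-9_:.]*)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  // Drop the leading "<a" and the trailing ">" or "/>" before matching.
  const body = tag.replace(/^<a\b/i, '').replace(/\/?>$/, '');
  let m;
  while ((m = attrRe.exec(body)) !== null) {
    attrs.set(m[1].toLowerCase(), m[2] ?? m[3] ?? m[4] ?? '');
  }
  return attrs;
}

// Return every anchor that opens a new browsing context (target="_blank")
// without severing window.opener via rel="noopener".
function findUnsafeBlankLinks(html) {
  const findings = [];
  for (const tag of html.match(ANCHOR_RE) || []) {
    const attrs = parseAttrs(tag);
    if ((attrs.get('target') || '').toLowerCase() !== '_blank') continue;
    const rel = (attrs.get('rel') || '').toLowerCase().split(/\s+/);
    if (!rel.includes('noopener')) {
      findings.push({ tag, href: attrs.get('href') || '' });
    }
  }
  return findings;
}

// Rewrite target="_blank" anchors so they carry rel="noopener noreferrer";
// anchors that already declare noopener are left untouched.
function hardenBlankLinks(html) {
  return html.replace(ANCHOR_RE, (tag) => {
    const attrs = parseAttrs(tag);
    if ((attrs.get('target') || '').toLowerCase() !== '_blank') return tag;
    const relTokens = new Set(
      (attrs.get('rel') || '').toLowerCase().split(/\s+/).filter(Boolean)
    );
    if (relTokens.has('noopener')) return tag;
    relTokens.add('noopener');
    relTokens.add('noreferrer');
    const relValue = [...relTokens].join(' ');
    if (attrs.has('rel')) {
      // Replace the existing rel value in place.
      return tag.replace(/\brel\s*=\s*("[^"]*"|'[^']*'|[^\s"'>]+)/i, `rel="${relValue}"`);
    }
    // No rel attribute yet: append one just before the closing ">".
    return tag.replace(/\s*\/?>$/, (end) => ` rel="${relValue}"${end}`);
  });
}

// Runtime counterpart for links opened from script. Passing "noopener" in
// the window features makes a real browser return null and give the new
// tab no opener; nulling opener on a returned handle covers older engines.
// `win` is injected (assumption) so the function can run without a browser.
function safeOpen(win, url) {
  const handle = win.open(url, '_blank', 'noopener,noreferrer');
  if (handle && 'opener' in handle) handle.opener = null;
  return handle;
}

// Constructed sample: one unsafe link, one already hardened, one same-tab.
const SAMPLE_HTML =
  '<p>See <a href="https://example.com/a" target="_blank">A</a>, ' +
  '<a href="/b" target="_blank" rel="noopener">B</a> and <a href="/c">C</a>.</p>';

console.log(findUnsafeBlankLinks(SAMPLE_HTML));
console.log(hardenBlankLinks(SAMPLE_HTML));
```

Current browsers already treat `target="_blank"` as implying `noopener`, but the explicit `rel` still matters for older engines, for links opened via `window.open` from script, and for `noreferrer` (which also suppresses the Referer header). The regex scan is a lightweight template or CI check; a DOM-aware linter is the better tool for large code bases.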

By Monika Sharma
