Insecure Inline Frame
An inline frame tag (
iframe) on the page refers to an external resource, and no
sandbox is set. This allows the external URL to trick users into doing unwanted actions like submitting passwords.
sandbox attribute for iframes with external URL.
👉 You might also like:
X-Frame-Options Header is Missing - Vulnerability
Insecure Deserialization Remote Code Execution - Vulnerability
Insecure Deserialization - Vulnerability
Missing or Insecure Cache-Control Header - Vulnerability
Last updated on February 15, 2023