Just can't stay away
Joined: 2006/11/29 8:09 Last Login
: Yesterday 18:53
From Lyon, France
Group:
Registered Users
|
@Thread
Well, even if English is not my native language, it seems that the test fails since you should read carefully what it is written :
You are vulnerable...
if this page is displayed in the context of another site and/or the address bar of your browser shows that site's URL. If you see it in a separate window with a URL from The H, you can ignore this message.
We could insert any content here. Attackers could create a page with the look and feel of the original page and ask for private information such as passwords, PINs and so on. All such data entered here could be transmitted to the attackers.
So yes, we are vulnerable since anything could have been written in the frame.
We normally shoud have had a new window opened without the first one being modified.
|