Cross Frame Scripting

Description

This script is possibly vulnerable to Cross Frame Scripting (XFS) attacks.

This is an attack technique used to trick a user into thinking that fake web site content is legitimate data.

ShareShare on FacebookTweet about this on TwitterShare on Google+

Impact
Malicious users may poison a frame allowing them to conduct phishing attacks.

Recommendation
Your script should filter metacharacters from user input.

References
Cross Frame Scripting