Frame Injection

# Summary

User-controlled img src allows loading untrusted frames, enabling internal service probe & info gathering, content manipulation within trusted contexts.

# POC

<img width="1280" height="525" alt="Image" src="https://github.com/user-attachments/assets/fd6008d2-ffe5-444f-a3dc-1a2224e5e724" />

<img width="1057" height="370" alt="Image" src="https://github.com/user-attachments/assets/cf0ed8aa-a002-45a3-b2f9-7c0bdc2b19d9" />



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Frame Injection #288

Summary

POC

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Frame Injection #288

Description

Summary

POC

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions