Post

Replies

Boosts

Views

Activity

Safari Security Vulnerability - CSP policy bypassed script on Safari while chrome successfully blocking it.
on our web pages we have allowed certain sources of scripts though content-security-policy meta tag which is working fine as expected on Chrome browser and on Internet Edge. However there is a script called morosa.top when it inserted in our html page, safari is not able to block it while it was supposed to block. if this script gets executed it start taking screenshots of screen and post it to hacker. Please check this could be a potential issue. [Edited by Moderator]
1
0
724
Dec ’23