Vulnerability Report [X-frame By-Pass]


Whitehat Security

Oct 8, 2025, 1:35:09 AM
to ontobee...@googlegroups.com
Hello Team, 

I have found a bug in your website https://ontobee.org 
The details are as follows:

Summary:

X-Frame-Options ALLOW-FROM https://ontobee.org is supported by several browsers.

Steps To Reproduce:

  1. Create a new HTML file
  2. Put <iframe src="https://ontobee.org"></iframe> in it
  3. Save the file
  4. Open document in browser

Impact:

An attacker may trick a user by sending them a malicious link; when the user opens it and clicks on some image, their account is unknowingly deactivated.

Solution:

The vulnerability can be fixed by adding "frame-ancestors 'self';" to the CSP (Content-Security-Policy) header.

PoC:

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="X-Frame-Bypass: Web Component extending IFrame to bypass X-Frame-Options: deny/sameorigin">
<title>X-Frame-Bypass Web Component Demo</title>
<style>
html, body {
margin: 0;
padding: 0;
height: 100%;
overflow: hidden;
}
iframe {
display: block;
width: calc(70% - 40px);
height: calc(80% - 40px);
margin: 20px;
}
img {
position: absolute;
top: 0;
right: 0;
}
</style>
<script src="https://unpkg.com/@ungap/custom-elements-builtin"></script>
<script src="x-frame-bypass.js" type="module"></script>
</head>
<body>
<h1>x-frame-bypass in your site</h1>
<iframe is="x-frame-bypass" src="https://ontobee.org"></iframe>
</body>
</html>

FIX:

Content-Security-Policy: frame-ancestors 'self' is better, because it checks all frame ancestors. You should implement a CSP header to avoid these sorts of attacks. Please let me know if you want more information. I hope that you appreciate my ethical disclosure of this vulnerability, and I expect a reward as a token of appreciation for it.
Thank you!
Waiting for your reply.
Regards

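As an added, defender-side illustration (not part of the report above and not Ontobee's code): a small Python checker that classifies a response's clickjacking protection from its headers, applying the precedence the suggested fix relies on (a CSP frame-ancestors directive overrides X-Frame-Options, a Report-Only CSP enforces nothing, and the legacy ALLOW-FROM form is ignored by current browsers). The sample header sets are constructed; check_url is an optional live probe and is not exercised by the samples.

```python
"""Classify a response's framing (clickjacking) protection from its headers."""
import urllib.request
from typing import Dict, List, Optional, Tuple

def _frame_ancestors(csp: str) -> Optional[List[str]]:
    """Return the source list of the frame-ancestors directive, or None if absent."""
    for directive in csp.split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            return parts[1:]
    return None

def framing_policy(headers: Dict[str, str]) -> Tuple[str, str]:
    """Return (verdict, reason); verdict is 'protected', 'weak' or 'unprotected'."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    # Only the enforcing CSP header counts; Content-Security-Policy-Report-Only blocks nothing.
    sources = _frame_ancestors(h.get("content-security-policy", ""))
    if sources is not None:
        # When frame-ancestors is present, browsers ignore X-Frame-Options entirely.
        lowered = [s.lower() for s in sources]
        if "*" in lowered:
            return "unprotected", "CSP frame-ancestors * allows framing from any origin"
        if not lowered or lowered == ["'none'"]:
            return "protected", "CSP frame-ancestors blocks all framing"
        if all(s == "'self'" for s in lowered):
            return "protected", "CSP frame-ancestors 'self': same-origin framing only"
        return "protected", "CSP frame-ancestors limits framing to: " + " ".join(sources)
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo in ("DENY", "SAMEORIGIN"):
        return "protected", f"X-Frame-Options {xfo}"
    if xfo.startswith("ALLOW-FROM"):
        # Never supported by Chrome or Safari and dropped by Firefox; treated as invalid and ignored.
        return "weak", "X-Frame-Options ALLOW-FROM is ignored by current browsers"
    if xfo:
        return "unprotected", f"invalid X-Frame-Options value {xfo!r} is ignored"
    return "unprotected", "no X-Frame-Options and no CSP frame-ancestors directive"

def check_url(url: str) -> Tuple[str, str]:
    """Fetch a URL and classify its live response headers (network access required)."""
    with urllib.request.urlopen(url) as resp:  # hypothetical live use; not run by the samples
        return framing_policy(dict(resp.headers.items()))

# Constructed sample responses, from the weakest to the recommended fix.
SAMPLES = {
    "no header": {},
    "legacy allow-from": {"X-Frame-Options": "ALLOW-FROM https://example.org"},
    "report-only only": {"Content-Security-Policy-Report-Only": "frame-ancestors 'none'"},
    "recommended fix": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'self';"},
}

if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        print(f"{name:18} -> {framing_policy(hdrs)}")
```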
Whitehat Security

Oct 21, 2025, 1:00:02 AM
to ontobee...@googlegroups.com
Dear Team,

I hope you're doing well. I wanted to follow up on the vulnerability I reported. I understand that security assessments and fixes take time, and I truly appreciate your team's efforts in addressing these issues.

Please confirm your interest if you are willing to fix the issue to avoid further follow-ups. If you have already fixed the issue, please let us know, and we will proceed with retesting.

As a security researcher, I responsibly reported this vulnerability to help secure your platform. In recognition of my efforts, I expect a reward, which can be sent via PayPal or bank transfer. I would appreciate an update on this discussion as well.

Looking forward to your response.

Best regards

Whitehat Security

Oct 29, 2025, 12:18:50 AM
to ontobee...@googlegroups.com
Hello Team,

I’m following up once more regarding the vulnerability report. We’re happy to know you’ve received it and that it’s contributing to your security improvements.

As mentioned earlier, we would also appreciate a reward for the vuln, granted purely at your discretion. This doesn’t require a bug bounty program — it’s simply a way to acknowledge the effort put into reporting it ethically.

Thank you for your time and acknowledgment.

Best regards

Whitehat Security

Nov 9, 2025, 11:55:35 PM
to ontobee...@googlegroups.com
Hello Team,

I hope everything is going well on your end. I wanted to politely follow up regarding the vulnerability we reported earlier.

While our main goal is to help improve your security posture, we would also welcome a reward for the vuln, should you decide to grant one. We fully understand this is not an obligation and depends entirely on your room and discretion.

Your acknowledgment and appreciation mean a lot to us.

Best regards