Security scans of externally hosted Portal instances raise red-flags about this around the urls and pages for the
portalhelp/en/portal/11.3/use/use-raster-functions-to-customize-raster-analysis.htm and all other documentation pages.
Reverse Tabnabbing is an attack where the target page is replaced by phishing site. This is possible when target="_blank" is in use with rel="noopener" or rel="noreferrer" attacker can use JavaScript window.opener and inject malicious domain in it. When user clicks on html link they will get redirected to phishing or unintentional website. WAS detects this vulnerability during crawling and evaluates HTML links embedded in anchor tags. |