Fortify Priority: Low Folder Low
Kingdom: Encapsulation
Abstract: On line 11477 of jszip.js the program posts a cross-document message with an overly
permissive target origin..
Sink: jszip.js:11477 FunctionPointerCall: postMessage()
11475 postMessageIsAsynchronous = false;
11476 };
11477 global.postMessage("", "*");
11478 global.onmessage = oldOnMessage;
11479 return postMessageIsAsynchronous;
Abstract: On line 11504 of jszip.js the program posts a cross-document message with an overly
permissive target origin..
Sink: jszip.js:11504 FunctionPointerCall: postMessage()
11502
11503 registerImmediate = function (handle) {
11504 global.postMessage(messagePrefix + handle, "*");
11505 };
11506 }
Fortify Priority: Low Folder Low Kingdom: Encapsulation Abstract: On line 11477 of jszip.js the program posts a cross-document message with an overly permissive target origin.. Sink: jszip.js:11477 FunctionPointerCall: postMessage() 11475 postMessageIsAsynchronous = false; 11476 }; 11477 global.postMessage("", "*"); 11478 global.onmessage = oldOnMessage; 11479 return postMessageIsAsynchronous;
Abstract: On line 11504 of jszip.js the program posts a cross-document message with an overly permissive target origin.. Sink: jszip.js:11504 FunctionPointerCall: postMessage() 11502 11503 registerImmediate = function (handle) { 11504 global.postMessage(messagePrefix + handle, "*"); 11505 }; 11506 }