Sound Hijacking: Abusing Missing XFO

A clickjacking attack works by loading a malicious website inside a low-opacity iframe and overlaying it with an innocuous looking button, checkbox, or link. This tricks the user into interacting with the vulnerable website beneath.

Read full news article on Dzone