[webauthn] Code Injection vulnerability from client side (#1965)

AdityaMitra5102 has just created a new issue for https://github.com/w3c/webauthn:

== Code Injection vulnerability from client side ==
## Vulnerability (Code Injection on client side)

Web Authentication might be vulnerable to Self-XSS attacks that allow the adversarial actor to manipulate and use the Public Key Credentials Request Options and get them signed from the authenticators of a legitimate user without physically accessing their device. This can be achieved with a sophisticated attack which combines a Self XSS on the side of the adversarial actor and a trojan running on the side of the legitimate user. This allows the adversarial actor to take over the accounts of the legitimate user remotely.

Report with working steps to reproduce attached.
[WebAuthn.pdf](https://github.com/w3c/webauthn/files/12640140/WebAuthn.pdf)

Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1965 using your GitHub account



Received on Saturday, 16 September 2023 07:58:52 UTC