Client Side Vulnerabilities / Document Domain Manipulation

Web and API

Description

Document Domain Manipulation (CWE-213) is a client-side vulnerability that occurs when a malicious actor can influence the document domain of a web page or API client. The document domain is the origin from which documents such as JavaScript and HTML are considered to come, and it governs which other documents a page may read from or script. When this document domain is manipulated, the malicious actor can access documents from an origin other than the intended one, and can therefore read sensitive information or perform malicious actions in the context of the victim page. As outlined in the OWASP Testing Guide, testing for document domain manipulation involves verifying that access to documents is only granted from a known, trusted, and expected origin.(1)

Risk

Document Domain Manipulation can pose a high risk: it can allow malicious actors to read sensitive information, such as passwords and financial data, or to perform malicious actions such as executing attacker-controlled script in the context of the affected page. The risk posed by this vulnerability should be assessed for each application, and appropriate security measures put in place to mitigate it.

Solution

The solution to Document Domain Manipulation is to ensure that documents are only accessed from an expected, trusted, and known origin. Any value that could set or relax the document domain must never be taken from untrusted input (such as URL parameters or messages from other windows) without validation, and all external documents should be verified to come from a trusted source. Additionally, the document domain should be monitored regularly to ensure that no unauthorized changes have been made.
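The following is an added example, not code from the original page: a defensive check that only allows the document domain to be relaxed to a label-aligned parent of the current hostname that still sits under a trusted parent domain. The trusted domain `example.com`, the helper names and the `doc` object passed to `relaxOriginIfSafe` are all constructed for illustration.

```javascript
// Added example (not from the original page): validate a candidate
// document domain before assigning it, so that attacker-influenced input
// (URL fragment, query parameter, postMessage payload) cannot widen the
// origin beyond what the application intends.

// Constructed value for this example; a real app would set its own.
const TRUSTED_PARENT_DOMAIN = "example.com";

// A label-aligned suffix test: "app.example.com" matches "example.com"
// but not "ple.com", and "app.example.com.evil.net" does not match
// "example.com" at all.
function isLabelSuffix(whole, part) {
  return whole === part || whole.endsWith("." + part);
}

// Returns true only if `candidate` is the current hostname or one of its
// label-aligned parents, and is no broader than the trusted parent domain.
function isSafeDocumentDomain(hostname, candidate, trustedParent = TRUSTED_PARENT_DOMAIN) {
  if (typeof hostname !== "string" || typeof candidate !== "string") return false;
  const host = hostname.toLowerCase().replace(/\.$/, "");
  const cand = candidate.toLowerCase().replace(/\.$/, "");
  const parent = trustedParent.toLowerCase();
  // Reject empty values and anything that is not a bare hostname.
  if (!cand || /[\s\/:@?#]/.test(cand)) return false;
  // Must be the current host or one of its parents (same site).
  if (!isLabelSuffix(host, cand)) return false;
  // Must not be broader than the trusted parent (blocks "com", "", etc.).
  if (!isLabelSuffix(cand, parent)) return false;
  return true;
}

// Hardened pattern: relax the origin only when the check passes.
// `doc` is any object with `location.hostname` and a writable `domain`
// (in a browser this is `document`; tests pass a plain object).
function relaxOriginIfSafe(doc, requested) {
  if (!isSafeDocumentDomain(doc.location.hostname, requested)) return false;
  doc.domain = requested;
  return true;
}
```

Browsers are phasing out the document.domain setter altogether, so cross-window communication should prefer postMessage with an explicit target origin and an origin check on receipt.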
