I’ve decided to collect the various proof of concepts I’ve done and summarise why iframes are a security risk. Here are the top reasons:- 1. Browser cross domain exploits Description:- Because you can embed another web site inside your page, you can exploit that page and perform actions as that user and doing anything on […]