Enso security- The Cross-document Messaging Guidebook

The Cross-document Messaging Guidebook

By Barak Tawily, Co-Founder & CTO, Enso Security

As security specialists, we have been exposed to countless exploitations, including the classic and well known OWASP Top 10 vulnerabilities, such as XSS, CSRF, SSRF and authorization bypass. However, we were also introduced to vulnerabilities that were less visible and received less publicity, such as WebSockets, cross-origin communication, and Origin Policy. 

Why were these important vulnerabilities overlooked? Was it due to merely being less popular? Was it a lack of information and prior knowledge about their source and abilities? Maybe due to a lack of tools to analyze them? 

When we began to discuss these questions with colleagues, we quickly realized that many security specialists weren’t even aware of the existence of the attacks in which these vulnerabilities were used, and certainly did not make an effort to thoroughly understand them. 

As a result, we decided to research these implementations several years ago. Upon analyzing them, we found several interesting insights, such as:

  • Firefox - Local Files Theft - CVE-2019-11730
  • StackStorm - From Originull to RCE - CVE-2019-9580
  • DevSpace - RCE via WS CVE-2020-15391

Our research focused on Cross-document Messaging, and revealed 15 vulnerabilities, identified in various companies in the industry. Note that due to company privacy considerations, some of the sources will not be exposed in this review.

The following guide will attempt to summarize the results of our research and analysis in order to shed light on the fundamentals, research methodologies, and the tools that can be used to help us understand these overlooked vulnerabilities. 

We hope you make use of this comprehensive report to strengthen your organization’s security posture.  As a community, we encourage AppSec practitioners to continue to contribute joint knowledge and experience on this important topic. 

Easy Reading, 

Barak Tawily, CTO, Enso Security

Download the guidebook now

Privacy Policy

Start with Enso ASPM

Enso is the first security posture management solution in the field of application security. Enso platform includes an autonomous discovery engine that integrates with systems used by the organization from code to prod, and maintains an up to date, unified, correlated and profiled inventory list of all assets. This list includes a list of all the code repositories, artifacts, services, HTTP endpoints and others.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.