JavaScript hijacking

Updated: 11/13/2018 by Computer Hope

JavaScript hijackingAlternatively referred to as JSON hijacking, JavaScript hijacking is an attack in which potentially sensitive information is obtained from a user. It is carried out by exploiting a JSON (JavaScript object notation) on another website. Attackers intercept the information from another website by running the script from their own websites and capturing the JSON data before it is sent back the original website.

The vulnerability presents itself when a web browser has a faulty Single Origin Policy. This fault may allow a JavaScript program to be loaded from a different website. The JSON data retrieved from the script is hijacked before being sent back to the original website, giving an attacker any information that was sent through JSON via the script.

Hijack, JavaScript, Security terms