Update cross-site frame counting real world example section with a new patched bug on GitHub (#152)

mr-medi · terjanq · web-flow · commit 62b0ae8b2fda · 2024-01-09T23:25:55.000+01:00
* Update frame-counting.md

* Update frame-counting.md

* Update contributors _index.md file

---------

Co-authored-by: terjanq &lt;terjanq@users.noreply.github.com&gt;
diff --git a/content/docs/attacks/frame-counting.md b/content/docs/attacks/frame-counting.md
@@ -77,6 +77,9 @@ Some examples of frame counting attacks are:
 
 A vulnerability reported to Facebook used this technique to leak user-related information such as specific content published in posts, religious information about friends, or photo locations[^1].
 
+A vulnerability on GitHub demonstrates how private repositories could have been exposed using this technique as well.[^2].
+
 ## References
 
 [^1]: Patched Facebook Vulnerability Could Have Exposed Private Information About You and Your Friends. [link](https://www.imperva.com/blog/facebook-privacy-bug/)
+[^2]: How Cross-Site Frame Counting Exposes Private Repositories on GitHub. [link](https://mr-medi.github.io/research/2023/07/31/exploring-cross-site-frame-counting-attacks.html)
diff --git a/content/docs/contributions/_index.md b/content/docs/contributions/_index.md
@@ -88,7 +88,8 @@ We would like to thank the following users who [contributed](https://github.com/
 [NDevTK](https://github.com/NDevTK), [1lastBr3ath](https://twitter.com/1lastBr3ath),
 [Brasco](https://github.com/Brasco/), [rick.titor](https://github.com/riccardomerlano),
 [Chris Fredrickson](https://github.com/cfredric/), [jub0bs](https://github.com/jub0bs),
-[Zeyu (Zayne) Zhang](https://github.com/zeyu2001), [Aaron Shim](https://github.com/aaronshim),
+[Zeyu (Zayne) Zhang](https://github.com/zeyu2001), [Medi](https://twitter.com/medi_0ne), 
+[Aaron Shim](https://github.com/aaronshim)
 
 In addition, we would also like to acknowledge the users who [contributed](https://github.com/xsleaks/xsleaks/wiki/Browser-Side-Channels/_history) to the predecessor of the current XS-Leaks wiki:
 
