New Attack Combines Self-XSS and Clickjacking
A researcher has demonstrated an attack that combines Clickjacking and a type of Cross Site Scripting (XSS) called Self-XSS. The new attack can trigger Self-XSS on pages that are also vulnerable to Clickjacking, the researcher says.
Story added 20. March 2017, content source with full text you can find at link above.