New issue
Advanced search Search tips
Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 51680
Owner: ----
Closed: Oct 2010
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 0
Type: Bug-Security

Restricted
  • Only users with Commit permission may comment.



Sign in to add a comment
link

Issue 58672: Location Bar Spoofing using window.open, redirecting request, document.location, reload() & back()

Reported by jconsult...@gmail.com, Oct 10 2010

Issue description

VULNERABILITY DETAILS
Similare to 54262 and 51680

If the  bug 51680  was fixed in Google Chrome Beta 7.0.517.36 this vulnerability isn't a Duplicate.

VERSION
Chrome Version: [7.0.517.36] + [stable, beta, or dev]
Operating System: [Windows 7]

REPRODUCTION CASE
http://www.alternativ-testing.fr/Research/Google%20Chrome/Google%20Chrome%20SSL%20Spoofing/TestCase5fd4df654df/
 
spoofchrome7beta.png
113 KB View Download

Comment 1 by jsc...@chromium.org, Oct 10 2010

Mergedinto: 51680
Status: Duplicate
This is the same issue you reported in  issue 54262 , which is a known duplicate of  issue 51680 . The fix will probably not be in version 7, but it will be in version 8.

Comment 2 by jsc...@chromium.org, Mar 21 2011

Labels: Type-Security

Comment 3 by bugdroid1@chromium.org, Oct 13 2012

Project Member
Labels: Restrict-AddIssueComment-Commit
Mergedinto: chromium:51680
Owner: ----
This issue has been closed for some time. No one will pay attention to new comments.
If you are seeing this bug or have new data, please click New Issue to start a new bug.

Comment 4 by bugdroid1@chromium.org, Mar 10 2013

Project Member
Labels: -Type-Security Type-Bug-Security

Comment 5 by bugdroid1@chromium.org, Mar 11 2013

Project Member
Labels: -Area-Undefined

Comment 6 by bugdroid1@chromium.org, Mar 13 2013

Project Member
Labels: Restrict-View-EditIssue

Comment 7 by ClusterFuzz, Feb 6 2014

Project Member
Labels: -Restrict-View-SecurityTeam -Restrict-View-EditIssue
Bulk update: removing view restriction from closed bugs.

Comment 8 by mbarbe...@chromium.org, Oct 2 2016

Labels: allpublic

Sign in to add a comment