Security: Google Chrome XSS Auditor Bypass
Reported by
appariti...@gmail.com,
May 6 2016
Issue description
I have found a way to bypass Google Chrome XSS Auditor Protection, tested successfully in Chrome current version 50.0.2661.94.
Thank you,
John Page aka hyp3rlinx
VERSION
Chrome Version: 50.0.2661.94
Operating System: Windows 7 SP1
1) Create an HTML file with no markup tags and just the JavaScript code to execute,
e.g.
alert('CHROME XSS AUDITOR BYPASS!\nBy HYP3RLINX\n\n'+navigator.userAgent)
window.open("http://hyp3rlinx.altervista.org")
2) Inject an XSS <script> tag payload into a vulnerable webpage as a script source,
e.g.
http://localhost/xss-bypass.php?c=%3Cscript%20src=%22http://localhost/XSS.html%22%3E%3C/script%3E
3) BOOM! Chrome XSS Auditor is bypassed... code executes.
May 6 2016
I think this is a false positive, as JavaScript has not executed from another domain... as of yet. It was late at night; should have tested a bit more.
May 6 2016
Yes, we give a pass to same-origin script resources to cut down on the false positive rate.
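The same-origin pass described in the comment above, as an added example that is not part of the original thread and is not Chromium's code. It is a simplified model: the function names, the regex-based extraction and the non-localhost sample URLs are constructed for illustration.

```javascript
// Simplified model (assumption): a reflected <script src> is exempt from
// auditing when src resolves to the same origin (scheme, host, port) as the
// page whose URL reflected it. Not the XSS Auditor's real implementation.

// Extract src values of <script> tags found in the decoded query string.
function reflectedScriptSources(pageUrl) {
  const query = decodeURIComponent(new URL(pageUrl).search);
  const re = /<script\b[^>]*\bsrc\s*=\s*["']?([^"'\s>]+)/gi;
  const sources = [];
  let m;
  while ((m = re.exec(query)) !== null) sources.push(m[1]);
  return sources;
}

// Classify each reflected script source relative to the reflecting page.
function classify(pageUrl) {
  const page = new URL(pageUrl);
  return reflectedScriptSources(pageUrl).map((src) => {
    let resolved;
    try {
      resolved = new URL(src, page); // relative paths resolve against the page
    } catch (e) {
      return { src: src, verdict: 'unparseable' };
    }
    const same = resolved.origin === page.origin;
    return { src: resolved.href, verdict: same ? 'same-origin' : 'cross-origin' };
  });
}

// The report's URL, followed by constructed variants.
const samples = [
  'http://localhost/xss-bypass.php?c=%3Cscript%20src=%22http://localhost/XSS.html%22%3E%3C/script%3E',
  'http://localhost/xss-bypass.php?c=%3Cscript%20src=%22/XSS.html%22%3E%3C/script%3E',
  'http://localhost/xss-bypass.php?c=%3Cscript%20src=%22http://localhost:8080/XSS.html%22%3E%3C/script%3E',
  'http://localhost/xss-bypass.php?c=%3Cscript%20src=%22http://other.example/x.js%22%3E%3C/script%3E',
];

for (const url of samples) {
  for (const r of classify(url)) console.log(r.verdict.padEnd(12), r.src);
}
```

The port and relative-path samples show that the comparison is on the full origin, not the host name alone.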
May 6 2016
Thanks, sorry for any wasted time...
Aug 13 2016
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by f...@chromium.org, May 6 2016
Owner: tsepez@chromium.org