information leak which leads crossdomain same origin vulnerabilities
Reported by
cmarkta...@gmail.com,
Oct 15 2016
Issue description
Chrome Version :53.0.2785.143 <Copy from: 'about:version'>
URLs (if applicable) :
Other browsers tested:
Add OK or FAIL, along with the version, after other browsers where you
have tested this issue:
Safari:
Firefox:
IE:
What steps will reproduce the problem?
(1)https://ci5.googleusercontent.com/proxy/yK4IPlfsbUeLcVtUdHtCDJQ3qcHzF2S-hHvm2l_XBnAU3aFOREoJqEJUcyMUMFNXqlawolV7bFyzXa_Ny3WgGpwh8HqApf_ROnj0y7nNmSpgGwcsxHqHDasHqztwTqddw4-BM5v0WkyhMUMUx-hY3mTNpgIpkumzU9EpceYksMyhXFJy=s0-d-e1-ft#http://images.c-rewards.com/op.asp?eh=9028EBBB653836ED6D3020D4715666297740C452&email_id=30&lang=EN&casinoid=-1
(2)https://ci5.googleusercontent.com/proxy/WgkBxiTYvadEVEuXe0W3uQf1NmlcFloAHU18zSqNp-eik-gepv_ANPHVuNJOpD-oB-grMj3AoSs3KBkBrIzIZn5ouf4VawY36v0o=s0-d-e1-ft#https://blockonomics.cmail2.com/t/d-o-drtuukt-l/o.gif
(3)https://ci4.googleusercontent.com/proxy/tBYlvOi1mUtXdjUBRr2dZY6rNBdgm985Ga0x_6cX54IemYAkFjEgcPIiAHsrzHKDEzVncGAhINcaAq3WgUUzq9sU5YrfI1k6WzgHWSEuO6VOfP66pRpSi01NQF9aZD1kvmqofqMNdvXLXF3abGZyEsvdpt9K8yAh=s0-d-e1-ft#http://genesismining.acemlnb.com/lt.php?nl=1&c=111&m=132&s=b46f6afa302875d200857ebe1d73c982&l=open
(4)https://0.client-channel.google.com/client-channel/channel/bind?ctype=hangouts&prop=gmail&appver=chat_frontend_20161011.11_p0&gsessionid=MEExR8KwLeAU292t6X3ExWFKK6RZh4NE&VER=8&RID=rpc&SID=1F53F697C94F9C29&CI=0&AID=122&TYPE=xmlhttp&zx=7buqotaird0i&t=1
This can be reproduced by simply clicking
What is the expected result?
I checked the console yesterday and I found out that my XSS protection was blocked. There was an XSS vulnerability in HTML style; because of these vulnerabilities even a secured CSRF token can be read by the browser. The attacker can use this tactic to view or access the victim's sensitive and confidential info. The attacker can also trick the victim because of this forged site. The terms and conditions can be manipulated by the attacker too. The poor victim is open to other attacks by simply clicking a like on the forged social networking site etc.
What happens instead?
The email accounts of the victim may be accessible to the attacker's server. I found remote code execution and blocked XSS protection. An XSS attack can be done anytime, by which my computer can be accessed by the executor anytime, and my privacy is at risk.
Please provide any additional information below. Attach a screenshot if
possible.
,
Oct 15 2016
https://www.youtube.com/watch?v=NVaCmVefNb4 I saw these errors on the console when I was trying to watch a movie
,
Oct 21 2016
I'm not sure I understand the report, but adding Security to have a closer look.
,
Oct 23 2016
Hi, the impact here is critical at this point, since someone might have taken over my Gmail account. Here is the test that I made. I saw this on the page source; here is the URL that shows when I did a test. http://www.w3schools.com/html/tryit.asp?filename=tryhtml_default
,
Oct 23 2016
Please also refer to my report. I tried to test the whole page source; here is the screenshot. Please also see my report 656898 about the weak ciphers and vulnerability risks that I am exposed to. I found out that the page source was research by http://labs.sucuri.net/ That was the link that appeared on the HTML test that I tested. http://mxtoolbox.com/domain/labs.sucuri.net/ This research sent me multiple vulnerabilities
,
Oct 23 2016
,
Oct 25 2016
As with the reporter's other bugs (Issue 656031 and Issue 656898), this is simply a list of types of vulnerabilities in computer software and not an actionable report of a vulnerability in Chrome. If you believe that your Gmail account has been compromised, please follow these steps: https://support.google.com/mail/answer/50270?hl=en
Comment 1 by cmarkta...@gmail.com
, Oct 15 2016