Issue metadata
Sign in to add a comment
|
Security: JavaScript URIs may be entered in the address bar
Reported by
mukulmal...@gmail.com,
Oct 25 2016
|
||||||||||||||||||||
Issue descriptionVULNERABILITY DETAILS:- XSS in Google chrome VERSION:- Google Chrome Version: 53.0.2785.143 m (64-bit) Operating System: Windows 10 (64-bit) Default search engine: https://www.google.co.in REPRODUCTION CASE:- Hi 1. OS-Windows 10/ Browser - Google chrome 2. Open google chrome. 3. Enter the XSS payload like javascript:alert(1) in chrome browser's address bar(attaching image) 4. Now you will see www.google.co.in says XSS , will pop up (attaching Image ). 5. I am attaching images of POC. I hope you will able to reproduce it. Look forward to hear from you. Thanks Mukul Kumar Lohar (mukulmalviya2@gmail.com)
,
Jan 31 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by elawrence@chromium.org
, Oct 25 2016Mergedinto: 656749
Status: Duplicate (was: Unconfirmed)
Summary: Security: JavaScript URIs may be entered in the address bar (was: Security: XSS vulnerability in Google Chrome)