Issue metadata
Sign in to add a comment
|
UXSS using bookmark
Reported by
s.h.h.n....@gmail.com,
Nov 26 2016
|
||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36 Steps to reproduce the problem: 1. Add bookmark and set URL to javascript:alert(1) 2. While visiting any website, if you click that bookmark, it will execute javascript on that website. What is the expected behavior? Does not allow javascript: bookmark (maybe) What went wrong? When clicking bookmark, Chrome tries to open that URL on current window. Therefore javascript executes on that website. Further more, Dropjacking (https://bugs.chromium.org/p/chromium/issues/detail?id=639750) that I report allow Drag and Drop to add new Bookmark. Which is very useful for this attack. Did this work before? N/A Chrome version: 54.0.2840.98 Channel: stable OS Version: OS X 10.11.6 Flash Version: Shockwave Flash 23.0 r0
,
Jan 9 2017
Removing restrictions since it is not a security issue + other similar bugs are public. |
|||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||
Comment 1 by dominickn@chromium.org
, Nov 27 2016Status: Duplicate (was: Unconfirmed)