Issue 677967 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Jan 2017
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	----
Type:	Bug-Security

Security: XSS by rewriting page with Developer Tools editor

Reported by anasmahm...@gmail.com, Jan 3 2017

Issue description

Hi,I'm Anas I found "XSS" Vulnerability in Google Chrome Browser.

Attack String: javascript:alert(/XSS/);

Chrome version: 55.0.2883.87 + 57.0.2935.0

OS: Win7 

Language=en-US

Impact: High

Check the video for complete details.

Thank You..

Regards: Anas Mahmood

gc.avi
12.0 MB Download

Comment 1 by elawrence@chromium.org, Jan 3 2017

Labels: -Restrict-View-SecurityTeam
Status: WontFix (was: Unconfirmed)
Summary: Security: XSS by rewriting page with Developer Tools editor (was: Security: XSS)

Editing a page in the Developer Tools does not represent a browser security vulnerability.

Further discussion can be found here:

https://dev.chromium.org/Home/chromium-security/security-faq#TOC-Does-entering-JavaScript:-URLs-in-the-URL-bar-or-running-script-in-the-developer-tools-mean-there-s-an-XSS-vulnerability-

►

Issue 677967 link

Issue metadata

Security: XSS by rewriting page with Developer Tools editor

Issue description

Comment 1 by elawrence@chromium.org, Jan 3 2017

Comment 1 Deleted

Sign in to add a comment