Issue 681298 link

Starred by 1 user

Issue metadata

Status:	WontFix
Owner:	----
Closed:	Jan 2017
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug-Security
allpublic Via-Wizard-Security

Snadbox Bypass using iFrame

Reported by mishra.d...@gmail.com, Jan 14 2017

Issue description

UserAgent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0

Steps to reproduce the problem:
Reproduce :
1. Open iframe.html file.
2. Click Download here.

Works in all OS and versions

What is the expected behavior?

What went wrong?
The tab get XSS.Attaching POC for reference.  

Did this work before? N/A 

Chrome version: 56.0.2924.59 (Official Build) beta (64-bit)  Channel: n/a
OS Version: 
Flash Version: Shockwave Flash 24.0 r0

	Chrome_Beta_SandBox.mp4 264 KB View Download

iframe.html
49 bytes View Download

Comment 1 by mishra.d...@gmail.com, Jan 14 2017

Sorry for Title : SandBox Bypass using iFrame.
Typo error.

Comment 2 by aarya@google.com, Jan 17 2017

Status: WontFix (was: Unconfirmed)

This is not XSS, you are executing script in the context of the original site.

Project Member

Comment 3 by sheriffbot@chromium.org, Apr 25 2017

Labels: -Restrict-View-SecurityTeam allpublic

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

►

Issue 681298 link

Issue metadata

Snadbox Bypass using iFrame

Issue description

Comment 1 by mishra.d...@gmail.com, Jan 14 2017

Comment 1 Deleted

Comment 2 by aarya@google.com, Jan 17 2017

Comment 2 Deleted

Comment 3 by sheriffbot@chromium.org, Apr 25 2017

Comment 3 Deleted

Sign in to add a comment