New issue
Advanced search Search tips

Issue 735210 link

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 726950
Owner: ----
Closed: Jun 2017
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

URL Spoofing via Armenian Letters

Reported by rayyan...@gmail.com, Jun 20 2017

Issue description

cnո.com ( http://xn--cn-ded.com/ )
yoսtube.com ( http://xn--yotube-qkh.com/ )

What's wrong?

Doesn't show in punnycode

More Info:

“ս” --> U+054D 

“ո” --> U+0578 Armenian Small Letter
 
PoC.png
16.0 KB View Download

Comment 1 by rayyan...@gmail.com, Jun 20 2017

Note: The same issue was reported 4 days ago but for some unknown reason it was classified as spam. (Tho, I've reported the link as incorrect spam)

https://bugs.chromium.org/p/chromium/issues/detail?id=734181
Mergedinto: 726950
Status: Duplicate (was: Unconfirmed)
Project Member

Comment 3 by sheriffbot@chromium.org, Oct 5 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment