[Webkit-unassigned] [Bug 66580] New: XSS Filter Bypass with long strings
bugzilla-daemon at webkit.org
Fri Aug 19 13:50:24 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=66580
Summary: XSS Filter Bypass with long strings
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: NEW
Keywords: XSSAuditor
Severity: Normal
Priority: P2
Component: WebKit Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: abarth at webkit.org
Blocks: 66579
Created an attachment (id=104557)
--> (https://bugs.webkit.org/attachment.cgi?id=104557&action=review)
test case
http://code.google.com/p/chromium/issues/detail?id=77731
VULNERABILITY DETAILS
On pages that render a large amount of user input it is possible to bypass the XSS filter.
VERSION
Chrome Version: 11.0.696.25 beta
Operating System: Windows Vista SP2
REPRODUCTION CASE
The attachment contains two files: a PHP file and an HTML file. Host the PHP file and update the form action in the HTML file to point to it. Open a new Chrome tab and navigate to the HTML file.
Attachment: xss-filter-bypass.zip (890 bytes)