Skip to content

Instantly share code, notes, and snippets.

@cd80

cd80/gist:8e41a17bc0c2113f6347581cec726d11

Last active February 14, 2024 07:19
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cd80/8e41a17bc0c2113f6347581cec726d11 to your computer and use it in GitHub Desktop.
Save cd80/8e41a17bc0c2113f6347581cec726d11 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
- CVE ID
Not assigned yet
- Name of affected product and versions
https://github.com/web-platform-tests/wpt
version <= commit 938e843
- Problem type
Attacker can execute arbitrary javascript code in victim's browser by sending specifically crafted url that exploits DOM based XSS in /dom/ranges/Range-test-iframe.html.
- Description
Cross Site Scripting (XSS) vulnerability in the component /dom/ranges/Range-test-iframe.html of github repository web-platform-tests/wpt allows attackers to execute arbitrary javascript code via sending a crafted URL to a victim.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment