uxss-db

Inspired by js-vuln-db

UXSS (SOP BYPASS)

UXSS (Universal Cross-site Scripting) is a type of attack that exploits client-side vulnerabilities in the browser or browser extensions in order to generate an XSS condition, and execute malicious code. When such vulnerabilities are found and exploited, the behavior of the browser is affected and its security features may be bypassed or disabled.

Some CVE ids were not found:

The version field contains a "?" when a detailed version wasn't attached to the report.

Webkit

| CVE/id | title | version | date |
|---|---|---|---|
| CVE-2017-7089 | UXSS via parent-tab:// | 10? | Sep 20, 2017 |
| CVE-2017-7037 | UXSS via JSObject::putInlineSlow and JSValue::putToPrimitive | 10? | Mar 10 2017 |
| 0-1197 | WebKit: UXSS via CachedFrameBase::restore | 10? | Mar 17 2017 |
| CVE-2017-2528 | UXSS: CachedFrame doesn't detach openers | 10? | Mar 10 2017 |
| 0-1163 | UXSS via Document::prepareForDestruction and CachedFrame | 10? | Mar 3 2017 |
| CVE-2017-2510 | UXSS: enqueuePageshowEvent and enqueuePopstateEvent don't enqueue, but dispatch | 10? | Feb 27 2017 |
| CVE-2017-2508 | UXSS via ContainerNode::parserInsertBefore | 10? | Feb 24 2017 |
| 0-1134 | UXSS via ContainerNode::parserRemoveChild (2) | 10? | Feb 17 2017 |
| 0-1132 | UXSS: the patch of #1110 made another bug | 10 | Feb 16 2017 |
| CVE-2017-2504 | UXSS via Editor::Command::execute | 10.0.3 | Feb 16 2017 |
| CVE-2017-2493 | UXSS through HTMLObjectElement::updateWidget | 10.0.3 | Feb 9 2017 |
| CVE-2017-2480 | UXSS via a synchronous page load | 10.0.3 | Feb 9 2017 |
| CVE-2017-2479 | UXSS via a focus event and a link element | 10.0.3 | Feb 9 2017 |
| CVE-2017-2475 | UXSS via ContainerNode::parserRemoveChild | 10.0.3 | Feb 2 2017 |
| 0-1094 | UXSS via operationSpreadGeneric | 10.0.2 | Jan 20 2017 |
| 0-1084 | UXSS via PrototypeMap::createEmptyStructure | 10.0.2 | Jan 17 2017 |
| CVE-2017-2445 | UXSS via disconnectSubframes | 10.0.2 | Jan 9 2017 |
| CVE-2017-2442 | UXSS with JSCallbackData | 10.0.2 | Jan 3 2017 |
| CVE-2017-2367 | UXSS by accessing a named property from an unloaded window | 10.0.2 | Dec 23 2016 |
| CVE-2017-2365 | UXSS via Frame::setDocument | 10.0.2 | Dec 20 2016 |
| CVE-2017-2364 | UXSS via Frame::setDocument (1). | 10.0.2 | Dec 20 2016 |
| CVE-2017-2363 | UXSS via FrameLoader::clear | 10.0.2 | Dec 19 2016 |

Chrome:

| CVE/id | title | version | date |
|---|---|---|---|
| CVE-2017-5124 | UXSS with MHTML | 61 | Oct 20 2017 |
| cr-687844 | window.external leaks global object + cross origin script access | 57 | Feb 2 2017 |
| CVE-2017-5007 | UXSS through bypassing ScopedPageSuspender with closing windows | 55 | Dec 5 2016 |
| cr-656274 | Cross-origin object leak via fetch | 56 (canary) | Oct 15 2016 |
| cr-594383 | UXSS via window.open() via file:// pages | 54 | Oct 15 2016 |
| CVE-2016-5207 | UXSS via fullscreen element updates | 54 | Oct 14 2016 |
| CVE-2016-5204 | UXSS by intercepting a UA shadow tree | 52 | Jul 24 2016 |
| CVE-2016-1676 | Persistent UXSS via SchemaRegistry | 50 | Apr 19 2016 |
| CVE-2016-1667 | UXSS through adopting image elements | 50 | Apr 21 2016 |
| CVE-2016-1674 | UXSS via the interception of Binding with Object.prototype.create | 49 | Mar 26 2016 |
| CVE-2016-1673 | UXSS using a FrameNavigationDisabler bypass | 49 | Mar 24 2016 |
| cr-583445 | UXSS in DocumentLoader::createWriterFor | 48 | Feb 2 2016 |
| CVE-2016-1631 | UXSS using Flash message loop | 47 | Dec 14 2015 |
| CVE-2015-6770 | UXSS using document.adoptNode | 45 | Oct 8 2015 |
| CVE-2015-6769 | UXSS via the unload_event module | 45 | Sep 22 2015 |
| CVE-2015-6765 | UXSS via ContainerNode::parserInsertBefore | 44 | Aug 11 2015 |
| CVE-2015-1268 | UXSS using IDBKeyRange static methods | 43 | May 31 2015 |
| CVE-2014-1701 | UXSS via dispatchEvent on iframes | 32 | Feb 11 2014 |
| CVE-2011-2856 | Arbitrary cross-origin bypass using __defineGetter__ prototype override | 15 | Aug 18 2011 |
| CVE-2011-3243 | Universal XSS using contentWindow.eval | 12 | May 24 2011 |
| cr-37383 | javascript: url with a leading NULL byte can bypass cross origin protection. | ? | Mar 4 2010 |

IE:

CVE/id version/date reporter
CVE-2015-0072, alternative PoC

Articles:

Author

Vladimir Metnew

LICENSE

MIT

Notes:

How to start hacking? You need:

  • Knowledge of C++, memory management and memory corruptions
  • Compiled Webkit/Chromium/FF sources with ASAN
  • Source code review + previous vulnerabilities
  • A fuzzer won't help you find UXSS
