oss-sec mailing list archives

Re: squirrelmail XSS issues in bug tracker since 2016

From: Hanno Böck <hanno () hboeck de>
Date: Wed, 27 Jun 2018 12:55:32 +0200

On Wed, 27 Jun 2018 12:26:09 +0200
Hanno Böck <hanno () hboeck de> wrote:

PoC2: This is "XSS-via-data-uri", a data URI runs in its own origin,
thus I don't see how this is a security risk. It's not really an XSS.


Have to correct myself: As Mario Heiderich has pointed out to me [1]
this actually depends on the browser. While most modern browsers run
data URIs in their own origin, this is not the case in Firefox 52 ESR
and in the Tor Browser (which is based on Firefox 52 ESR).


[1] https://twitter.com/0x6D6172696F/status/1011916899867922432

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Current thread:

squirrelmail XSS issues in bug tracker since 2016 Hanno Böck (Jun 27)
- Re: squirrelmail XSS issues in bug tracker since 2016 Hanno Böck (Jun 27)
- Re: squirrelmail XSS issues in bug tracker since 2016 Hanno Böck (Jun 27)