Using this exploit, an attacker can abuse the following permissions which the extension has access to: "permissions" : , An attacker can craft a specialized link which will cause arbitrary JavaScript execution in the context of the extension. The cause of this vulnerability is due to the use of string concatenation to build HTML which is dynamically appended to the DOM via jQuery. All that is required to exploit these extensions is for a victim to navigate to an attacker-controlled page. While scanning various Chrome extensions with tarnish I found the popular Chrome extensions Video Downloader for Chrome version 5.0.0.12 (8.2 million users) and Video Downloader Plus (7.3 million users) suffers from a Cross-site Scripting (XSS) vulnerability in their browser action page. For this reason the whole thing is a bit lengthy. I’m going to actually walk through the code along with you to show you how tracing through an extension generally works. Note: This post is going to be a bit different from the previous Chrome extension vulnerability writeups.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |