Vendor: Chromium
By: Project Zero
CVSS: 8.8 (HIGH)
DOM-based Cross-Frame Scripting
CWE: 79
Product Name: Chromium
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2018-17463
CPE: a:chromium:chromium
Metasploit:
https://www.rapid7.com/db/vulnerabilities/google-chrome-cve-2018-17463/
https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2018-17463/
https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2018-17463/
https://www.rapid7.com/db/vulnerabilities/redhat_linux-cve-2018-17463/
https://www.rapid7.com/db/vulnerabilities/debian-cve-2018-17463/
https://www.rapid7.com/db/vulnerabilities/suse-cve-2018-17463/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2018
ContainerNode.cpp parserInsertBefore() Vulnerability
The vulnerability is in the parserInsertBefore() function in ContainerNode.cpp. It can be exploited to bypass frame restrictions and allow an attacker to run script. The trigger is a call to parserRemoveChild(), which can remove the nextChild node from the DOM or move it elsewhere, so the tree is in an inconsistent state after the insertBeforeCommon() call.
Mitigation:
No mitigation is available for this vulnerability.