header-logo
Suggest Exploit
vendor:
Google Toolbar
by:
5.5
CVSS
MEDIUM
HTML Injection
79
CWE
Product Name: Google Toolbar
Affected Version From:
Affected Version To:
Patch Exists: YES
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Google Toolbar HTML Injection Vulnerability

The Google Toolbar 'ABOUT.HTML' page allows the injection of HTML and JavaScript code, which may allow an attacker to inject malicious code into the about page of the vulnerable application.

Mitigation:

Update to the latest version of Google Toolbar.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11210/info

Google Toolbar is reported prone to a HTML injection vulnerability. It is reported that the Google Toolbar 'ABOUT.HTML' page allows the injection of HTML and JavaScript code.

This vulnerability may allow an attacker to inject malicious HTML and script code into the about page of the vulnerable application.

<s c r i p t>
window.showModalDialog("res://C:\\Program%20Files\\Google\\GoogleToolbar1.dll/ABOUT.HTML",
"<div style=\"background-image:
url(javascript:alert(location.href));\">");
</s c r i p t>

Navigation

Suggest Exploit

Services By CQR