CVE-2017-5124 PoC — Google Chrome for Mac、Windows和Linux Blink 跨站脚本漏洞

Source

https://github.com/Bo0oM/CVE-2017-5124

Associated Vulnerability

Title:Google Chrome for Mac、Windows和Linux Blink 跨站脚本漏洞 (CVE-2017-5124)
Description:Google Chrome for Mac、Windows和Linux是美国谷歌（Google）公司开发的一款基于Mac、Windows和Linux平台的Web浏览器。Blink是其中的一个美国谷歌（Google）公司和挪威欧朋（Opera Software）公司共同开发的一套浏览器排版引擎（渲染引擎）。基于Windows、Mac和Linux平台的Google Chrome 62.0.3202.62之前版本中的Blink存在跨站脚本漏洞。远程攻击者可借助特制的HTML页面利用该漏洞注入任意脚本或HTML

Description

Chrome < 62 uxss exploit (CVE-2017-5124)

Readme

# CVE-2017-5124
### UXSS with MHTML
DEMO: https://bo0om.ru/chrome_poc/PoC.php (tested on Chrome/61.0.3163.100)

File Snapshot


 [4.0K]  /data/pocs/bf81f408407512b718d3f16a7e356ea9d5301d3e
├── [ 732]  PoC.mht
├── [ 105]  PoC.php
└── [ 111]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!