Описание
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2017-17692
- https://datarift.blogspot.in/p/samsung-interent-browser-sop-bypass-cve.html
- https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/samsung_browser_sop_bypass.rb
- https://www.exploit-db.com/exploits/43376
- http://packetstormsecurity.com/files/145510/Samsung-Internet-Browser-SOP-Bypass.html
Связанные уязвимости
CVSS3: 7.5
nvd
около 8 лет назад
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that redirects to a child tab and rewrites the innerHTML property.