Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2017-5124

Description

Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.

POC

Reference

- https://github.com/Bo0oM/CVE-2017-5124

- https://www.reddit.com/r/netsec/comments/7cus2h/chrome_61_uxss_exploit_cve20175124/

Github

- https://github.com/0xR0/uxss-db

- https://github.com/ARPSyndicate/cvemon

- https://github.com/Bo0oM/CVE-2017-5124

- https://github.com/Metnew/uxss-db

- https://github.com/grandDancer/CVE-2017-5124-RCE-0-Day

- https://github.com/lnick2023/nicenice

- https://github.com/neslinesli93/awesome-stars

- https://github.com/qazbnm456/awesome-cve-poc

- https://github.com/xbl2022/awesome-hacking-lists

- https://github.com/xbl3/awesome-cve-poc_qazbnm456