XSS vulnerability

Open jinzihao opened this issue 3 years ago • 0 comments

The title and URL of bookmarks should be sanitized (HTML escaped). Try visiting https://lab.jinzihao.me/test_ohhai_browser.html and fav this page; the browser would be "hijacked" to https://example.com without a way to recover.

jinzihao • Jul 13 '21 08:07
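The fix the issue asks for, sketched as an added example (not code from the project or from the reporter): a bookmark renderer that HTML-escapes the title and URL, shown beside the unescaped concatenation it replaces. The function names, the bookmark object shape and the http(s)-only link rule are assumptions; the scheme check goes one step beyond the escaping the issue requests.

```javascript
// Added example: bookmark fields come from the visited page, so they are
// untrusted and must be escaped before entering the browser's own UI markup.

// Escape the five characters significant in HTML text and quoted attributes.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Assumption beyond the issue text: only http(s) bookmarks become live links.
function safeHref(rawUrl) {
  try {
    const u = new URL(rawUrl);
    return (u.protocol === 'http:' || u.protocol === 'https:') ? u.href : '#';
  } catch (e) {
    return '#'; // unparsable URL: render an inert link
  }
}

// "Before" (hypothetical): raw concatenation, so page-supplied markup
// in the title or URL becomes part of the bookmark UI.
function renderBookmarkUnsafe(b) {
  return '<a href="' + b.url + '">' + b.title + '</a>';
}

// "After": each field is escaped for the context it lands in.
function renderBookmark(b) {
  return '<a href="' + escapeHtml(safeHref(b.url)) + '">' +
         escapeHtml(b.title) + '</a>';
}

// Constructed sample: a page title that carries markup.
const sample = {
  title: 'Hello <script>/* page-controlled */</script>',
  url: 'https://site.example/page?a=1&b=2',
};

console.log(renderBookmarkUnsafe(sample)); // markup survives intact
console.log(renderBookmark(sample));       // markup is rendered as text
```

Where the UI is built with DOM APIs instead of strings, assigning the title through `textContent` gives the same result without a hand-written escaper.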