SVG Fun Time - Firefox SVG Vector + Bypassing Chrome XSS Auditor
Tags
| attack-pattern: | Data Javascript - T1059.007 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | aa160ade-caff-4709-bfd0-c84aa1dacc74 |
| Fingerprint | cea3895b0187b7f3 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 5, 2014, 2:02 a.m. |
| Added to db | Jan. 18, 2023, 9:49 p.m. |
| Last updated | Nov. 17, 2024, 6:30 p.m. |
| Headline | InsertScript |
| Title | SVG Fun Time - Firefox SVG Vector + Bypassing Chrome XSS Auditor |
| Detected Hints/Tags/Attributes | 23/1/13 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 150 | www.w3.org |
|
| Details | Domain | 1 | vulnerabledoman.com |
|
| Details | Domain | 1 | vulnerabledomain.com |
|
| Details | File | 25 | test.html |
|
| Details | File | 1 | 'external.svg |
|
| Details | File | 1 | external.svg |
|
| Details | File | 2 | xss.php |
|
| Details | Url | 20 | http://www.w3.org/2000/svg |
|
| Details | Url | 7 | http://www.w3.org/1999/xlink |
|
| Details | Url | 21 | http://www.w3.org/1999/xhtml |
|
| Details | Url | 1 | http://vulnerabledoman.com/xss.php?x= |
|
| Details | Url | 1 | http://vulnerabledomain.com/xss.php? |
|
| Details | Url | 1 | http://vulnerabledomain.com/xss.php |