lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGUWgD9ja60Wrbg-zU8XuTe_G1nZtOO-vRH5_SxPj_UGoOGu0w@mail.gmail.com> Date: Wed, 19 Apr 2023 15:49:51 +0300 From: Georgi Guninski <gguninski@...il.com> To: fulldisclosure@...lists.org Subject: [FD] Checking existence of firewalled URLs via javascript's script.onload There is minor information disclosure vulnerability similar to nmap in browser. It is possible to check the existence of firewalled URL U via the following javascript in a browser: <script src="U" onload="alert('Exists')" onerror="alert('Does not exist')"> This might have privacy implication on potentially "semi-blind CSRF" (XXX does this makes sense?). Works for me in Firefox, Chrome and Chromium 112. I believe the issue won't be fixed because it will break stuff in the mess called internet. For online test: https://www.guninski.com/onload2.html -- guninski: https://j.ludost.net/resumegg.pdf _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists