
Chrome 61 UXSS (CVE-2017-5124) - i_bo0om
https://github.com/Bo0oM/CVE-2017-5124
======
rraval
This seems to be explained in better detail by [https://bo0om.ru/chrome-and-safari-uxss](https://bo0om.ru/chrome-and-safari-uxss). Working via Google Translate, the claim seems to be that using MHTML and XSLT allows you to bypass the sandboxing rules and inject JavaScript that bypasses the same-origin policy.

The linked blog credits a Chromium patch that led to the discovery of this exploit: [https://chromium-review.googlesource.com/c/chromium/src/+/656397](https://chromium-review.googlesource.com/c/chromium/src/+/656397)

~~~
iancnorden
[https://securityespresso.org/translations/2017/11/14/chrome-and-safari-uxss/](https://securityespresso.org/translations/2017/11/14/chrome-and-safari-uxss/) - not sure of the accuracy, in case folks can't hit .ru at work.

------
rogerwang
This is available before the security issue is expected to be made public (within the 14-week window), and it is exactly why you need to keep whatever Chromium engine is in your application up to date.

