Exploitation Summary
EIP tracks 1 public exploit for CVE-2019-5822. PoCs published by Silence-Rain.
AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2019-5822, which involves a bypass mechanism for download restrictions in a web application. The exploit uses an Express server to serve malicious HTML and PHP files that redirect users to arbitrary URLs, demonstrating the vulnerability.
Description
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
Exploits (1)
This repository contains a proof-of-concept exploit for CVE-2019-5822, which involves a bypass mechanism for download restrictions in a web application. The exploit uses an Express server to serve malicious HTML and PHP files that redirect users to arbitrary URLs, demonstrating the vulnerability.
References (8)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H