CVE-2020-6519

This exploit demonstrates a full CSP (Content Security Policy) bypass in Chromium 83 by dynamically injecting malicious objects, iframes, and scripts via JavaScript. It leverages a vulnerability in the handling of 'javascript:' URIs in iframes to execute arbitrary code, bypassing CSP restrictions.

This repository contains a functional proof-of-concept exploit for CVE-2020-6519, a Chromium CSP bypass vulnerability. The exploit leverages a JavaScript iframe injection technique to bypass Content Security Policy restrictions, allowing the execution of scripts from unauthorized sources.