EIP-2026-103990
PRE-CVEMozilla 1.x / opera 6/7 - Timed document.write Method Cross Domain Policy
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-103990. PoCs published by meme-boi.
AI-analyzed exploit summary This exploit leverages a cross-domain security violation in browsers by using `window.open` with a `view-source` URI to bypass same-origin policy, potentially allowing arbitrary script execution in the local security zone. The PoC demonstrates this by opening a new window and injecting content after a delay.
Description
Mozilla 1.x / opera 6/7 - Timed document.write Method Cross Domain Policy
Exploits (1)
This exploit leverages a cross-domain security violation in browsers by using `window.open` with a `view-source` URI to bypass same-origin policy, potentially allowing arbitrary script execution in the local security zone. The PoC demonstrates this by opening a new window and injecting content after a delay.