|
|
|
|
|
|
by theEXTORTCIST
3239 days ago
|
|
|
The data URL scheme is abusable. Firefox and Chrome correctly redirect to localhost via javascript data:text/html,http://www.mostSecureInternetBankVictim.com/customerLogin.php%2FreallyLoginRandomData=130r193fj02jf-2jf023f23f-f2039f0239jf0a-39j029jg90wgj-9203f092jf0f-90e9f204fh0-9hf2ef8CUSTID=923r9032fdjnnvjddata%3Atext%2Fhtml%2C%3Cscript%3Ewindow.location%20%3D%20%22http%3A%2F%2F2130706433%22%3B%3C%2Fscript%3EValuedGoogleCustomer=?Security=trueEncrypted=trueSecureBrowsingSession=True
|
|
|