关键字【Brave Software】的搜索结果共64记录

公开时间 奖金 作者 标题 厂商 漏洞类型
2018-10-23 $650.0 qab chrome://brave navigation from web Brave Software Code Injection
2018-10-23 $300.0 qab chrome://brave can still be navigated to, leading to RCE Brave Software Code Injection
2018-10-22 $300.0 metnew RCE: DnDing shortcut files to chrome://brave allows loading HTML files in Muon's context Brave Software none
2018-10-22 $150.0 bobrov [Android] HTML Injection in BatterySaveArticleRenderer WebView Brave Software Cross-site Scripting (XSS) - Generic
2018-10-09 $50.0 metnew Navigation to restricted origins via "Open in new tab" Brave Software none
2018-10-04 $ metnew `settingcontent-ms` files lacks "mark of the web" => execute code by dbl click in Downloads toolbar Brave Software none
2018-10-04 $50.0 metnew Cross-origin page stays focused before/after downloading + uninformative modal window for download Brave Software none
2018-10-04 $ metnew `alert()` dialogs on `chrome-extension://` origin (internal pages) Brave Software none
2018-10-04 $75.0 metnew URL spoofing using protocol handlers Brave Software none
2018-10-04 $50.0 metnew URL spoofing in Brave for macOS Brave Software none
2018-09-29 $400.0 metnew Local files reading using `link[rel="import"]` Brave Software none
2018-09-29 $400.0 metnew Local files reading from the "file://" origin through `brave://` Brave Software none
2018-09-25 $1000.0 metnew `chrome://brave` available for navigation in Release build [-> RCE] + navigation to `chrome://*` using tab_helper ["Open in new tab"] Brave Software none
2018-09-25 $5000.0 metnew Local files reading from the web using `brave://` Brave Software none
2018-09-24 $ metnew Torrent extension: Cross-origin downloading + "URL spoofing" + CSP-blocked XSS Brave Software none