关键字【Brave Software】的搜索结果共60记录

公开时间 奖金 作者 标题 厂商 漏洞类型
2018-10-09 $50.0 metnew Navigation to restricted origins via "Open in new tab" Brave Software none
2018-10-04 $ metnew `settingcontent-ms` files lacks "mark of the web" => execute code by dbl click in Downloads toolbar Brave Software none
2018-10-04 $50.0 metnew Cross-origin page stays focused before/after downloading + uninformative modal window for download Brave Software none
2018-10-04 $ metnew `alert()` dialogs on `chrome-extension://` origin (internal pages) Brave Software none
2018-10-04 $75.0 metnew URL spoofing using protocol handlers Brave Software none
2018-10-04 $50.0 metnew URL spoofing in Brave for macOS Brave Software none
2018-09-29 $400.0 metnew Local files reading using `link[rel="import"]` Brave Software none
2018-09-29 $400.0 metnew Local files reading from the "file://" origin through `brave://` Brave Software none
2018-09-25 $1000.0 metnew `chrome://brave` available for navigation in Release build [-> RCE] + navigation to `chrome://*` using tab_helper ["Open in new tab"] Brave Software none
2018-09-25 $5000.0 metnew Local files reading from the web using `brave://` Brave Software none
2018-09-24 $ metnew Torrent extension: Cross-origin downloading + "URL spoofing" + CSP-blocked XSS Brave Software none
2018-09-24 $300.0 metnew Navigation to `chrome-extension://` origin (internal pages) from the web Brave Software none
2018-09-24 $50.0 metnew Unsafe handling of protocol handlers Brave Software none
2018-09-24 $200.0 metnew Navigation to protocol handler URL from the opened page displayed as a request from this page. Brave Software none
2018-09-24 $80.0 metnew DoS in Brave browser for iOS Brave Software Denial of Service