Universal Code Execution by Chaining Messages in Browser Extensions
Jul 7, 2024
By chaining various messaging APIs in browsers and browser extensions, I demonstrate how we can jump from web pages to “universal code execution”, breaking both Same Origin Policy and the browser sandbox. I provide two new vulnerability disclosures affecting millions of users as examples. In addition, I demonstrate how such vulnerabilities can be discovered at scale with a combination of large dataset queries and static code analysis.
Note: The extension...
Read more at spaceraccoon.dev