Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-33437

Published: 30/04/2024 Updated: 01/05/2024

Vulnerability Summary

An issue in CSS Exfil Protection v.1.1.0 allows a remote malicious user to obtain sensitive information due to missing support for CSS Style Rules.

Github Repositories

https://github.com/randshell/CSS-Exfil-Protection-POC

CSS Exfil Protection PoC Test Page: randshellgithubio/CSS-Exfil-Protection-POC/ PoC screenshot: CVE-2024-29384 githubcom/mlgualtieri/CSS-Exfil-Protection/blob/d0ad3ae654d040f5bfdd84a96c55827896572f6d/chrome/contentjs#L242 In the current version of the extension, the above line is responsible for detecting all the URLs that contain //, unless the ;base64, va

References

https://github.com/mlgualtieri/CSS-Exfil-Protection/issues/41https://github.com/randshell/vulnerability-research/tree/main/CVE-2024-33437https://nvd.nist.govhttps://github.com/randshell/CSS-Exfil-Protection-POC
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065open redirectCVE-2024-1086path traversalCVE-2024-29825XXECVE-2024-29822CVE-2024-20696CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook