Version 1
Vortrag: Bypassing Chrome's XSS Filter

In this talk, I will present a detailed security analysis of Chrome's XSS Filter. During this analysis we discovered about 17 bypasses that allow to circumvent the filter in certain situations. To evaluate the the filter's protection capabilities, we conducted a study by evaluating it against 1602 real-world DOM-based XSS vulnerabilities. Thereby, we were able to conduct XSS attacks in 80% of all vulnerable Web applications despite of the activated filter.
Info
Tag:
20.06.2014
Anfang:
11:30 Uhr
Dauer:
01:00
Room:
Medientheater
Track:
GPN
Sprache:
de
Links:
Concurrent events
- ZKM-Vortragssaal
- CVVisual
- Workshopraum
- Von der Idee zur Leiterplatte
Referenten
![]() |
Sebastian Lekies |