Episode 79: The State of CSS Injection - Leaking Text Nodes & HTML Attributes
Critical Thinking - Bug Bounty Podcast
00:00
Exploring Chrome Extension Vulnerabilities
This chapter delves into the complexities of universal code execution related to Chrome extensions, emphasizing the thorough research around security vulnerabilities. The speakers highlight the architecture of Chrome extensions and the challenges in understanding their interactions, particularly focusing on CSS injection and client-side path traversal vulnerabilities. Additionally, they discuss practical examples of exploiting these weaknesses and call on the community to further investigate potential threats in widely-used frameworks.
Transcript
Play full episode
