Advisories Archives - Johan Carlsson

CVE-2022-4908: SOP bypass in Chrome using Navigation API

Last year, I discovered a Same-Origin Policy (SOP) bypass in Chrome that allowed an attacker to leak the full URLs of another window’s navigation history. While attacks could be conducted cross-origin, these attacks were only possible if the two windows were at the same time considered same-site (If you are not familiar with the concepts…

October 6, 2023

GitLab: CVE-2023-5009

Release notes cve.mitre.org bleepingcomputer.com

September 18, 2023

Grafana: CVE-2023-1387

Report https://grafana.com/blog https://grafana.com/security/security-advisories/cve-2023-1387/

April 26, 2023

Category: Advisories

CVE-2022-4908: SOP bypass in Chrome using Navigation API

GitLab: CVE-2023-5009

Grafana: CVE-2023-1387