{"vulnerability": "CVE-2020-6519", "sightings": [{"uuid": "c172fc8f-b61c-4310-a63a-02ec31a21d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6519", "type": "seen", "source": "MISP/5daca6b0-05c2-4b47-9303-87a2a312e752", "content": "", "creation_timestamp": "2024-11-14T06:07:19.000000Z"}, {"uuid": "d529c566-c3a0-44ac-ba8f-086bd335d04c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6519", "type": "published-proof-of-concept", "source": "https://t.me/cKure/1770", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 #Zeroday CSP Bypass [CVE-2020-6519] Vulnerability in Google Chrome Discovered - Almost Every Website In The World Was At Risk\n\nhttps://threatpost.com/google-chrome-bug-data-theft/158217/\n\nhttps://www.perimeterx.com/tech-blog/2020/csp-bypass-vuln-disclosure/ #0day", "creation_timestamp": "2020-08-10T21:10:40.000000Z"}, {"uuid": "cd243555-954c-4784-8202-f20af60b5517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6519", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1573", "content": "CSP Bypass Vulnerability in Google Chrome 73-83/\nOpera/Edge on Windows, Mac, Android Discovered - Almost Every Website In The World Was At Risk (CVE-2020-6519)...\nhttps://www.perimeterx.com/tech-blog/2020/csp-bypass-vuln-disclosure/\nPoC:\nhttps://github.com/PerimeterX/CVE-2020-6519/tree/master/POC", "creation_timestamp": "2020-08-12T11:03:01.000000Z"}, {"uuid": "4014da3e-49a5-42ce-aba4-6ba426b3885a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-6519", "type": "seen", "source": "https://t.me/EverythingFromIFC/153", "content": "#News\nThreat Post reported that: Chromium kernel-based browsers have been exposed to a content security policy (CSP) vulnerability that can be bypassed, leaving billions of users vulnerable to attackers to steal data and execute malicious code. PerimeterX network security researcher Gal Weizman pointed out that the vulnerability (CVE-2020-6519) can be found in Chrome browsers for Windows, Mac and Android, as well as Opera and Edge.\n\n>It is reported that as a Web standard, the Content Security Policy (CSP) is designed to prevent certain types of attacks, such as cross-site scripting (XSS) and data-injection.\n\nCSP allows web administrators to specify the effective source range of scripts executable by browsers, so that browsers compatible with the standard only execute script loading operations from trusted sources.\n\n\u2581 \u2582 \u2584 U\ud835\udd5f\ud835\udd3b\u24ba\ud835\udc2b\u0106\ud835\udd2c\ud835\udcd3\u24d4 \u2584 \u2582 \u2581", "creation_timestamp": "2020-08-12T10:38:21.000000Z"}]}