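Vulnerability description: Google Chrome is a web browser developed by Google. In Google Chrome versions before 116.0.5845.96, the XSL library used by default allows documents loaded through document() to contain references to external entities. An attacker can create and host an SVG image containing an XSL stylesheet, together with a document containing external entity references. When a victim visits the link to the SVG image, the browser parses the XSL stylesheet, calls document() to load the document containing the external entity references, and reads arbitrary files on the victim's machine.

VULNERABILITY DETAILS

Short description: Libxslt is the default XSL library used in WebKit-based browsers such as Chrome, Safari, etc. Libxslt allows external entities inside documents that are loaded by the XSL document() method. An attacker can bypass security restrictions, access file:// URLs from http(s):// URLs and gain file access.

With the default sandbox, an attacker can read the /etc/hosts file on iOS (Safari/Chrome), Mac (Safari/Chrome), Android (Chrome) and Samsung TV (default browser).

When the -no-sandbox attribute is use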
………………………………
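
Added example (not part of the original advisory and not Chrome or libxslt code): a server-side upload check in Python that flags, in untrusted SVG/XML, the markers the description names: an XSL stylesheet attached to the file, a document() call, and an external entity declaration. The function names, finding labels and sample strings are assumptions constructed for illustration.

```python
import re

# External entity declaration in a DTD: <!ENTITY name SYSTEM "uri"> (or PUBLIC "id" "uri")
EXTERNAL_ENTITY = re.compile(
    r'''<!ENTITY\s+(?:%\s+)?[\w.:-]+\s+(?:SYSTEM|PUBLIC\s+["'][^"']*["'])\s+["']([^"']*)["']''',
    re.I)
# Processing instruction that tells the browser to apply a stylesheet to the file
STYLESHEET_PI = re.compile(r'<\?xml-stylesheet\b', re.I)
# XSLT namespace URI (present on any embedded xsl:stylesheet) and the document() function
XSLT_NS = re.compile(r'http://www\.w3\.org/1999/XSL/Transform')
DOCUMENT_CALL = re.compile(r'\bdocument\s*\(')

# Constructed sample inputs (fragments for the scanner, labelled as constructed)
SAMPLE_SVG = ('<?xml version="1.0"?>\n'
              '<?xml-stylesheet type="text/xsl" href="style.xsl"?>\n'
              '<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10"/>')
SAMPLE_XSL = ('<xsl:stylesheet version="1.0" '
              'xmlns:xsl="http://www.w3.org/1999/XSL/Transform">\n'
              '  <xsl:variable name="d" select="document(\'data.xml\')"/>\n'
              '</xsl:stylesheet>')
SAMPLE_DOC = ('<?xml version="1.0"?>\n'
              '<!DOCTYPE d [ <!ENTITY e SYSTEM "file:///etc/hosts"> ]>\n'
              '<d>&e;</d>')
BENIGN_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><circle r="4"/></svg>'


def scan_markup(text):
    """Return a sorted list of finding labels for one SVG/XML payload."""
    findings = set()
    for match in EXTERNAL_ENTITY.finditer(text):
        findings.add("external-entity")
        if match.group(1).lower().startswith("file:"):
            findings.add("external-entity-file-uri")
    if STYLESHEET_PI.search(text) or XSLT_NS.search(text):
        findings.add("xslt-in-document")
        if DOCUMENT_CALL.search(text):
            findings.add("xslt-document-call")
    return sorted(findings)


def should_reject(text):
    """Upload policy: untrusted images must carry neither XSLT nor external entities."""
    return bool(scan_markup(text))


if __name__ == "__main__":
    for name in ("SAMPLE_SVG", "SAMPLE_XSL", "SAMPLE_DOC", "BENIGN_SVG"):
        print(name, scan_markup(globals()[name]))
```

Pattern matching like this is a coarse filter for upload pipelines; it does not replace updating browsers to 116.0.5845.96 or later.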