Browser JavaScript Exploits
The cluster focuses on discussions about JavaScript-based exploits in modern web browsers like Chrome and Firefox, including vulnerabilities in JS engines, sandbox escapes, mitigations, and real-world zero-days.
Activity Over Time
Top Contributors
Keywords
Sample Comments
There are exploits written in Javascript that run on a browser.
citation for your exploits claim ? you've worded it in an awkward manner that makes it sound like a red herringspecifically, are there javascript-only (or js+css+html only) exploits in recent chrome or firefox ?
Imagine if someone discovers a flaw in any library that your web browser uses, or the browser itself or is JS engine ... oh no!
I guess you've never heard of browser exploits?
Didn't browsers implement their own mitigations? Or were those only for some vulns?
I might be wrong, but shouldn't browser makers be able to prevent executing scripts from exploiting the low level memory manipulation this requires?
Aren't some of these speculation vulnerabilities exploitable from Javascript? This makes everyday web browsing "require security"
Exploits can escape your browser sandbox.
AFAIK most of modern web browser vulnerabilities come from JavaScript engines.
What browsers have this exploit been tested with?