Comodo Dragon Cross-Site Scripting Vulnerability in IP DNS Leakage Detector
Vulnerability
A cross-site scripting vulnerability has been identified in Comodo Dragon versions through 134.0.6998.179. This issue arises in the IP DNS Leakage Detector component, where user-controlled input is not properly sanitized before being output, allowing for the injection of malicious scripts. The vulnerability can be exploited remotely, but requires user interaction.
Impact
An attacker who exploits this vulnerability can inject malicious scripts that execute in the context of the user's browser.
Reproduction
To reproduce this vulnerability, first modify the hosts file to direct a domain, such as google.com, to a server with an invalid HTTPS certificate. When Comodo Dragon is used to access this domain, the browser will allow the connection, bypassing standard security checks. Next, take advantage of the IP DNS Leakage Detector extension, which operates over an insecure HTTP connection. By performing DNS spoofing, it's possible to intercept and manipulate the data sent by this extension. Finally, inject a malicious response that exploits the cross-site scripting flaw by executing JavaScript or creating a phishing form.
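The root cause described above, detector output built from an unsanitized response fetched over plain HTTP, can be closed on the rendering side. The following is an added example, not Comodo's code: the response fields (`ip`, `dnsServers`), the endpoint URL and all function names are assumptions made for illustration.

```javascript
// Added example, not the extension's real code. Response shape and names are hypothetical.

// Constructed sample of a response that was rewritten in transit.
const TAMPERED = { ip: '<img src=x onerror=alert(1)>', dnsServers: ['8.8.8.8'] };

// Vulnerable pattern: a response field concatenated straight into markup.
function renderUnsafe(data) {
  return '<p>Your IP: ' + data.ip + '</p>';
}

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Accept only literal IPv4/IPv6 addresses; everything else is rejected.
function isIpAddress(value) {
  if (typeof value !== 'string' || !/^[0-9a-fA-F:.]{2,45}$/.test(value)) return false;
  if (!value.includes(':')) {
    const parts = value.split('.');
    return parts.length === 4 &&
      parts.every((p) => /^(0|[1-9]\d{0,2})$/.test(p) && Number(p) <= 255);
  }
  try {
    new URL('http://[' + value + ']/'); // the URL parser validates the IPv6 literal
    return true;
  } catch {
    return false;
  }
}

// Refuse plain-HTTP endpoints. HTTPS is necessary but, given the certificate
// behaviour described above, not sufficient, so fields are still validated.
function isSecureEndpoint(url) {
  try { return new URL(url).protocol === 'https:'; } catch { return false; }
}

// Hardened rendering: check the transport, validate each field, escape on output.
function renderSafe(endpoint, data) {
  if (!isSecureEndpoint(endpoint)) return '<p>Leak check unavailable (insecure endpoint)</p>';
  if (!data || !isIpAddress(data.ip)) return '<p>Leak check returned invalid data</p>';
  const servers = (Array.isArray(data.dnsServers) ? data.dnsServers : []).filter(isIpAddress);
  const items = servers.map((s) => '<li>' + escapeHtml(s) + '</li>').join('');
  return '<p>Your IP: ' + escapeHtml(data.ip) + '</p><ul>' + items + '</ul>';
}
```

In a real extension page the same result is reached more simply by assigning validated values with `textContent` instead of building HTML strings.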
