Self‑HTML Injection in Total WebShield (Chrome Extension v3.2)
TL;DR: (This vulnerability was named CVE-2025-8751)Total WebShield (v3.2) fails to sanitize the category URL‑parameter in its block page, allowing an attacker to inject arbitrary HTML into the extension’s UI. This can be abused to load remote content...
Jul 27, 20253 min read817
