Chromium Web Store
by NeverDecaf · MIT · Homepage · View source
Brings Chrome Web Store functionality to ungoogled-chromium and other Chromium forks that lack web store support. Allows installing extensions directly from Chrome Web Store with automatic update checking.
chromium
Versions
v1.5.5.3 —
Permissions
managementstoragealarmscontextMenusdownloadshttps://clients2.google.com/service/*host
Static findings
| Severity | Code | File:Line | Message |
|---|---|---|---|
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:151 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:149 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:164 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:76 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:194 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/localize.js:5 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:152 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:167 | innerHTML assignment can lead to XSS if content is not sanitised. |
Dependency audit
Dependency audit not run (no package.json or npm unavailable).
v1.5.5.2 —
Permissions
managementstoragealarmscontextMenusdownloadshttps://clients2.google.com/service/*host
Static findings
| Severity | Code | File:Line | Message |
|---|---|---|---|
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:151 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:149 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:164 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:76 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:194 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/localize.js:5 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:152 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:167 | innerHTML assignment can lead to XSS if content is not sanitised. |
Dependency audit
Dependency audit not run (no package.json or npm unavailable).
v1.5.5.1 —
Permissions
managementstoragealarmscontextMenusdownloadshttps://clients2.google.com/service/*host
Static findings
| Severity | Code | File:Line | Message |
|---|---|---|---|
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:151 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:149 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:164 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:76 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:194 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/localize.js:5 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:152 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:167 | innerHTML assignment can lead to XSS if content is not sanitised. |
Dependency audit
Dependency audit not run (no package.json or npm unavailable).
v1.5.5 —
Permissions
managementstoragealarmscontextMenusdownloadshttps://clients2.google.com/service/*host
Static findings
| Severity | Code | File:Line | Message |
|---|---|---|---|
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:151 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:149 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:164 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:76 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:194 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/localize.js:5 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:152 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:167 | innerHTML assignment can lead to XSS if content is not sanitised. |
Dependency audit
Dependency audit not run (no package.json or npm unavailable).
v1.5.4.3 —
Permissions
managementstoragealarmscontextMenusdownloadshttps://clients2.google.com/service/*host
Static findings
| Severity | Code | File:Line | Message |
|---|---|---|---|
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/inject.js:151 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:149 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | en_nolocale/scripts/popup.js:164 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:32 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:65 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:76 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/inject.js:194 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/localize.js:5 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/options.js:43 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:8 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:12 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:51 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:59 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:107 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:113 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:138 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:152 | innerHTML assignment can lead to XSS if content is not sanitised. |
| info | INNER_HTML_ASSIGN | src/scripts/popup.js:167 | innerHTML assignment can lead to XSS if content is not sanitised. |
Dependency audit
Dependency audit not run (no package.json or npm unavailable).
⚑ Report this extension
Reports are private and reviewed by maintainers. They are not published.