CSS Handling Status Bar Spoofing, I found this interesting vulnerability 5 years ago, and now it still exists.When the key UI module of the browser can be controled by the user , I think it is dangerous，such as the orgin of the dialog box, etc..Of course the status bar of the browser is different from the traditional browser URL spoof,it is more like a logical error in design,which led to the attacker can use CSS to draw a exactly the same status bar.Although it’s not as serious as you think about it.But I still stick to my point of view, when an attacker can control the UI module of the browser , the phishing attack may happen at any time.
Now you can try CSS Handling Status Bar Spoofing
Microsoft Internet Explorer CSS Handling Status Bar Spoofing Vulnerability
Google Chrome CSS Handling Status Bar Spoofing Vulnerability
Mozilla Firefox CSS Handling Status Bar Spoofing Vulnerability