The bug is based on a misuse of the srcdoc attribute of the IFRAME tag, which is part of the HTML5 definition.
Identified by ElevenPaths.
Chrome has now been fixed, but Safari is still vulnerable.
Test URL showing what the attack may look like:
How the iframe parameter handles the user input data.
XSS payload entered by the user and stored within the <iframe src=""srcdoc="XSS Payload">
XSS confirmed in browser.
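
For the defensive side of the srcdoc handling described above, the following is an added example, not code from the original write-up or from ElevenPaths. It shows why one round of HTML escaping is not enough when user input is placed in srcdoc: the browser decodes the attribute value and then parses the result as a new document. All function names are hypothetical, the sample input is constructed, and decodeEntities only simulates the browser's attribute decoding for the five entities used here.

```javascript
// HTML-escape text so it is inert as markup and inside a quoted attribute value.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  }[c]));
}

// Simulation only: undo one level of the five entities above, as the browser
// does to an attribute value before handing srcdoc to the nested HTML parser.
function decodeEntities(text) {
  return text.replace(/&(amp|lt|gt|quot|#39);/g, (m, name) => ({
    amp: '&', lt: '<', gt: '>', quot: '"', '#39': "'",
  }[name]));
}

// Weak: a single escape. The value cannot break out of the attribute, but it
// is decoded back into live markup for the document inside the frame.
function iframeSingleEscaped(userText) {
  return '<iframe srcdoc="' + escapeHtml(userText) + '"></iframe>';
}

// Hardened: escape once for the nested document (so the input stays text),
// escape again for the attribute, and add sandbox without allow-scripts so
// script in the frame cannot run even if the encoding is ever wrong.
function iframeHardened(userText) {
  const innerDoc = '<p>' + escapeHtml(userText) + '</p>';
  return '<iframe sandbox srcdoc="' + escapeHtml(innerDoc) + '"></iframe>';
}

// Returns the markup the nested document parser would receive from srcdoc.
function nestedDocument(iframeHtml) {
  const m = /srcdoc="([^"]*)"/.exec(iframeHtml);
  return m ? decodeEntities(m[1]) : null;
}

// Constructed sample: harmless markup standing in for user-supplied input.
const sample = '<b title="t">hi</b>';

console.log('single escape ->', nestedDocument(iframeSingleEscaped(sample)));
console.log('hardened      ->', nestedDocument(iframeHardened(sample)));
```

With the single escape the nested document receives the original tags; with the hardened form it receives only escaped text inside a paragraph.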