Vulnerabilities

CVE-2015-6772

by Fred · 05/12/2015

The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin.

Date published : 2015-12-05

http://www.securityfocus.com/bid/78416

http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html

Similar

Tags: Cybersecurity Alert