Vulnerabilities

CVE-2016-1667

by Fred · 14/05/2016

The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

Date published : 2016-05-14

http://www.securityfocus.com/bid/90584

http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html

Similar

Tags: Cybersecurity Alert