NuytsTech Security

CVE-2016-5192

by ·

Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages.

Date published : 2016-12-17

http://www.securityfocus.com/bid/93528

https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html

Tags: