CVE-2019-5811

Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

Date published : 2019-06-27

https://seclists.org/bugtraq/2019/Aug/19

https://www.debian.org/security/2019/dsa-4500