logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2015-1253

Description

core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask functions.


Affected Software


CPE Name Name Version
debian:debian_linux debian debian linux 8.0
google:chrome google chrome 42.0.2311.152

Related