logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2015-1261

Description

android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java in Google Chrome before 43.0.2357.65 on Android does not properly restrict use of a URL's fragment identifier during construction of a page-info popup, which allows remote attackers to spoof the URL bar or deliver misleading popup content via crafted text.


Affected Software


CPE Name Name Version
debian:debian_linux debian debian linux 8.0
google:chrome google chrome 42.0.2311.107

Related