Failure to take advantage of available mitigations in credit card autofill in Google Chrome prior to 59.0.3071.92 for Android allowed a local attacker to take screen shots of credit card information via a crafted HTML page.
[
{
"product": "Google Chrome prior to 59.0.3071.92 for Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Google Chrome prior to 59.0.3071.92 for Android"
}
]
}
]
www.securityfocus.com/bid/98861
www.securitytracker.com/id/1038622
access.redhat.com/errata/RHSA-2017:1399
chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html
crbug.com/721579
security.gentoo.org/glsa/201706-20
wwws.nightwatchcybersecurity.com/2017/07/27/chrome-for-android-didnt-use-flag_secure-for-credit-card-prefill-settings-cve-2017-5082/