logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2015-1253

Description

core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask functions.


Affected Package


OS OS Version Package Name Package Version
Debian 9 chromium-browser 70.0.3538.110-1~deb9u1

Related