EPSS
Percentile
88.7%
Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.
bugzilla.redhat.com/show_bug.cgi?id=1503542
chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html