The vulnerability in the implementation of the API technology used by CSS Paint in the Google Chrome browser allows attackers to disclose protected information.

The vulnerability of the API implementation in Google Chrome’s CSS Paint technology lies in the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information through a specially created HTML page...