chromium-browser: Parameter sanitization failure in DevTools

The Developer Tools aka DevTools subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different...

The vulnerability of Google Chrome browser allows a violator to circumvent existing access restrictions.

The vulnerability of the WebKit/Source/devtools/frontend/devtools.js module of the Developer Tools subsystem in the Google Chrome browser’s Blink component arises from the lack of a guarantee that the parameter remoteFrontendUrl will correspond to the address chrome-devtools-frontend.appspot.com...

Google Chrome Access Restriction Bypass Vulnerability (CNVD-2016-03836)

Google Chrome is a web browsing tool developed by Google. In versions of Google Chrome prior to 51.0.2704.79, Blink/DevTools/WebKit/Source/devtools/frontend/devtools.js does not ensure that the remoteFrontendUrl parameter is associated with the chrome-devtools- frontend.appspot.com URL associatio...

chromium-browser: parameter sanitization failure in devtools

WebKit/Source/devtools/frontend/devtools.js in the Developer Tools aka DevTools subsystem in Blink, as used in Google Chrome before 51.0.2704.79, does not ensure that the remoteFrontendUrl parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to...