2 matches found
SUSE CVE-2015-1261
android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java in Google Chrome before 43.0.2357.65 on Android does not properly restrict use of a URL's fragment identifier during construction of a page-info popup, which allows remote attackers to spoof the URL bar or deliver misleading...
The vulnerability of Google Chrome browser allows a perpetrator to replace data.
The android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java file of the Google Chrome browser contains errors related to improper restriction of URL identifiers when creating pop-up windows. As a result, attackers may be able to replace the data displayed in the pop-up windows...