The vulnerability of Google Chrome browser allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability exists in the ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp of Blink for Google Chrome. It stems from an improper limitation on resource requests related to SVG files. Exploiting this vulnerability allows malicious actors to circumvent domain restriction...