5 matches found
Chrome Universal XSS via same document navigations (CVE-2016-1711)
VULNERABILITY DETAILS FrameLoader::loadInSameDocument is vulnerable to a problem similar to the one described in issue 613266: void FrameLoader::loadInSameDocumentconst KURL& url, ... ... // If we have a provisional request for a different document, a fragment scroll should cancel it...
[SECURITY] [DSA 3637-1] chromium-browser security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3637-1 [email protected] https://www.debian.org/security/ Michael Gilbert July 31, 2016 https://www.debian.org/security/faq -...
CVE-2016-1711
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...
CVE-2016-1711
CVE-2016-1711 is a Same-Origin Policy bypass in Blink used by Google Chrome prior to 52.0.2743.82. The root cause is that WebKit/Blink’s FrameLoader.cpp did not disable frame navigation during a detach operation on a DocumentLoader object, allowing a crafted website to bypass SOP. Public referenc...
CVE-2016-1711
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site...