CVE-2016-1627

CVE-2016-1627 affects Google Chrome DevTools before 48.0.2564.109. The vulnerability arises because DevTools does not validate URL schemes and does not ensure that the remoteBase parameter is tied to chrome-devtools-frontend.appspot.com, enabling a remote attacker to bypass access restrictions. A...

CVE-2016-1627

The Developer Tools aka DevTools subsystem in Google Chrome before 48.0.2564.109 does not validate URL schemes and ensure that the remoteBase parameter is associated with a chrome-devtools-frontend.appspot.com URL, which allows remote attackers to bypass intended access restrictions via a crafted...

Solving rendering performance puzzles

You're missing demos in this post because JavaScript or inline SVG isn't available. The Chrome team are often asked to show the process of debugging a performance issue, including how to select tools and interpret results. Well, I was recently hit by an issue that required a bit of digging, here'...

Stable Channel Update

The Stable channel has been updated to 21.0.1180.89 for Linux, Mac, Windows and Chrome Frame This build fixes the following issues: Several Pepper Flash fixes Issue 140577, 144107, 140498, 142479. Microphone issues with tinychat.com Issue: 143192 devtools regression with "save as" of edited sourc...

Papoo 1.0.3 - Plugin.php Authentication Bypass

Papoo 1.0.3 - Plugin.php Authentication Bypass source: https://www.securityfocus.com/bid/24634/info Papoo is prone to an authentication-bypass vulnerability because the application fails to check user privileges when accessing the administration pages. An attacker can exploit this issue to gain...