The vulnerability of Google Chrome allows a violator to obtain confidential information or circumvent existing access restrictions policies.

The vulnerability in the Google Chrome browser’s Extensions subsystem exists due to the improper use of the GetOrigin method. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions or obtain confidential information...

CVE-2016-1658

The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension...