3 matches found
SUSE CVE-2016-1617
The CSPSource::schemeMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Security Policy CSP implementation in Blink, as used in Google Chrome before 48.0.2564.82, does not apply http policies to https URLs and does not apply ws policies to wss URLs, which makes it easie...
HackerOne: Report Private Links Leaks to Google Analytics via Query String Param
Hello HackerOne Team, According to HackerOne privacy HackerOne sometimes partners with third-party services which may use various tracking technologies to provide certain services or features, including targeted online marketing. These technologies allow a partner to recognize your computer or...
The vulnerability of Google Chrome’s browser allows a hacker to determine which website was visited using an HSTS connection.
The vulnerability of the CSPSource::schemeMatches function in the WebKit/Source/core/frame/csp/CSPSource.cpp file of the Content Security Policy implementation in the Blink component of the Google Chrome browser is related to the lack of application of http policies for https addresses and ws...