Chrome Universal XSS through bypassing ScopedPageSuspender with closing windows (CVE-2017-5007)

VULNERABILITY DETAILS ScopedPageSuspender works by taking pages from Page::ordinaryPages and marking them as suspended. When the window. close is called, the following operations are performed: From /thirdparty/WebKit/Source/web/ChromeClientImpl.cpp: void ChromeClientImpl::closeWindowSoon // Make...