Chakra Core is vulnerable to information disclosure. It is because the scripting engine does not properly handle objects in memory. An attacker thus could craft a malicious website and gather users’ system information when the users enter the website.