Google Chrome prior to 14.0.835.163 allows user-assisted remote malicious users to spoof the URL bar via vectors related to the forward button.
google chrome