Google V8, as used in Google Chrome prior to 14.0.835.163, allows remote malicious users to bypass the Same Origin Policy via unspecified vectors.
google chrome