The Extensions subsystem in Google Chrome prior to 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote malicious users to bypass the Same Origin Policy and obtain sensitive information via a crafted extension.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell suse package hub for suse linux enterprise 12 |
||
opensuse leap 42.1 |
||
google chrome |
||
debian debian linux 8.0 |