net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome prior to 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote malicious users to discover credentials by operating a server with a PAC script, a related issue to CVE-2016-3763.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |