Bookmark handling in Google Chrome before 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation of supplied data, which allowed a remote malicious user to inject arbitrary scripts or HTML (UXSS) via crafted HTML pages, as demonstrated by an interpretation conflict between userinfo and scheme in an javascript:payload@example.com URL.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
google chrome |
None critical, some embarrassing, all worth the auto-upgrade
Google has patched 21 bugs in its Chrome web browser, closing six high-severity holes along the way. Mountain View paid US$29,133 for the bugs including a top pay out of US$7500 (CVE-2016-5181) for a universal cross-site scripting hole in Blink, and US$5500 (CVE-2016-5182) for a heap overflow in the same web browser engine. Four vulnerabilities affecting the Blink engine were patched including a cross-origin bypass and a user-after-free, but Google did not reveal further details. Two user-after-...
Vulmon