Insufficient policy enforcement in Omnibox in Google Chrome before 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
debian debian linux 9.0 |