Google Chrome before 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote malicious user to inject scripts or HTML into a privileged page via a crafted HTML page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |