Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-15387

Опубликовано: 17 окт. 2017
Источник: redhat
CVSS3: 6.5

Описание

Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1503542chromium-browser: content security bypass

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-15387

CVSS3: 8.8
ubuntu
почти 8 лет назад

Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.

nvd логотип

CVE-2017-15387

CVSS3: 8.8
nvd
почти 8 лет назад

Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.

debian логотип

CVE-2017-15387

CVSS3: 8.8
debian
почти 8 лет назад

Insufficient enforcement of Content Security Policy in Blink in Google ...

github логотип

GHSA-v9h4-v847-3j62

CVSS3: 8.8
github
больше 3 лет назад

Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.

suse-cvrf логотип

openSUSE-SU-2017:2902-1

suse-cvrf
больше 8 лет назад

Security update for chromium

6.5 Medium

CVSS3

Уязвимость CVE-2017-15387