Описание
core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask functions.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 43.0.2357.81-0ubuntu1.1179 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [43.0.2357.81-0ubuntu0.14.04.1.1089]] |
| precise | ignored | |
| trusty | released | 43.0.2357.81-0ubuntu0.14.04.1.1089 |
| trusty/esm | DNE | trusty was released [43.0.2357.81-0ubuntu0.14.04.1.1089] |
| upstream | released | 43.0.2357.65 |
| utopic | released | 43.0.2357.81-0ubuntu0.14.10.1.1131 |
| vivid | released | 43.0.2357.81-0ubuntu0.15.04.1.1170 |
| wily | released | 43.0.2357.81-0ubuntu1.1179 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.7.8-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.7.8-0ubuntu0.14.04.1]] |
| precise | DNE | |
| trusty | released | 1.7.8-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1.7.8-0ubuntu0.14.04.1] |
| upstream | released | 1.7.8 |
| utopic | released | 1.7.8-0ubuntu0.14.10.1 |
| vivid | released | 1.7.8-0ubuntu0.15.04.1 |
| wily | released | 1.7.8-0ubuntu1 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask functions.
core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask functions.
core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in ...
core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask functions.
Уязвимость браузера Google Chrome, позволяющая нарушителю внедрить команды в выполняемый сценарий
EPSS
7.5 High
CVSS2