CVE-2016-5192 in Chromeinfo

Summary

Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

05/31/2016

Disclosure

12/17/2016

Moderation

VulDB entry created

Entries

VDB-94597 (1)

CPE

ready

CWE

CWE-284 (Confirmed)

CVSS

6.4

EPSS

0.00242

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-5192
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-5192
CVE Details	https://www.cvedetails.com/cve/CVE-2016-5192/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!