CVE-2016-5132 in Chromethông tin

Tóm tắt

Bởi MITRE

The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element inside an http IFRAME element.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Đặt trước

31/05/2016

Tiết lộ

23/07/2016

Kiểm duyệt

được chấp nhận

mục

VDB-90240

EPSS

0.01465

KEV

không

Các hoạt động

rất thấp

Nguồn

Do you need the next level of professionalism?

Upgrade your account now!