CVE-2015-1281 in Chrome
摘要
由 VulDB • 2026-06-02
core/loader/ImageLoader.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly determine the V8 context of a microtask, which allows remote attackers to bypass Content Security Policy (CSP) restrictions by providing an image from an unintended source.
If you want to get best quality of vulnerability data, you may have to visit VulDB.