CVE-2016-5132 in Chrome信息

摘要

由 VulDB • 2026-07-11

Google Chrome 52.0.2743.82 之前的版本中,Service Workers 子系统在决定是否控制子帧时未正确实现 Secure Contexts 规范,这允许远程攻击者通过在 HTTP iframe 元素内的 HTTPS iframe 元素绕过同源策略(Same Origin Policy)。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Interested in the pricing of exploits?

See the underground prices here!