First published: Sat Jul 23 2016(Updated: )
objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
Credit: cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Chrome | <=51.0.2704.106 | |
Google V8 | =5.2.360 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.