First published: Sun Aug 07 2016(Updated: )
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access restrictions via a crafted URL, a different vulnerability than CVE-2016-5144.
Credit: cve-coordination@google.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Chrome | <=52.0.2743.82 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.