WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-01-14T19:00:00

Updated: 2024-08-07T00:45:12.077Z

Reserved: 2010-01-14T00:00:00

Link: CVE-2010-0315

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-01-14T19:30:00.703

Modified: 2024-11-21T01:11:57.830

Link: CVE-2010-0315

cve-icon Redhat

No data.