core/html/parser/HTMLConstructionSite.cpp in the DOM implementation in Blink, as used in Google Chrome before 43.0.2357.65, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that appends a child to a SCRIPT element, related to the insert and executeReparentTask functions.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: Chrome
Published: 2015-05-20T10:00:00
Updated: 2024-08-06T04:40:17.074Z
Reserved: 2015-01-21T00:00:00
Link: CVE-2015-1253

No data.

Status : Modified
Published: 2015-05-20T10:59:05.557
Modified: 2024-11-21T02:24:59.720
Link: CVE-2015-1253
