The Document::open function in WebKit/Source/core/dom/Document.cpp in Google Chrome before 47.0.2526.73 does not ensure that page-dismissal event handling is compatible with modal-dialog blocking, which makes it easier for remote attackers to spoof Omnibox content via a crafted web site.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2015-12-06T01:00:00
Updated: 2024-08-06T07:29:24.533Z
Reserved: 2015-08-31T00:00:00
Link: CVE-2015-6782
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-12-06T01:59:19.557
Modified: 2023-11-07T02:27:12.163
Link: CVE-2015-6782
Redhat