Leaking of an SVG shadow tree leading to corruption of the DOM tree in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2017-01-19T05:43:00
Updated: 2024-08-06T00:53:48.708Z
Reserved: 2016-05-31T00:00:00
Link: CVE-2016-5204
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-01-19T05:59:00.387
Modified: 2023-11-07T02:33:27.283
Link: CVE-2016-5204
Redhat