Same Origin Policy Bypass in Blink's Document Reattachment Handling

Same Origin Policy Bypass in Blink's Document Reattachment Handling

CVE-2016-1675 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same Origin Policy by leveraging the mishandling of Document reattachment during destruction, related to FrameLoader.cpp and LocalFrame.cpp.

Learn more about our Cis Benchmark Audit For Google Chrome.