Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trigger unintended JavaScript function calls and bypass the Same Origin Policy via an indirect interception attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Chrome 安全漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。 Google Chrome 53.0.2785.113之前的版本中的扩展子系统存在安全漏洞,该漏洞源于程序没有限制访问Object.prototype的权限。远程攻击者借助间接拦截攻击利用该漏洞载入非预定资源,造成触发器非预定的JavaScript函数调用,绕过同源策略。
CVSS Information
N/A
Vulnerability Type
N/A