Endpoint Vulnerability

Security Vulnerability CVE-2016-1657 for Google Chrome

Description

The WebContentsImpl::FocusLocationBarByDefault function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 50.0.2661.75 mishandles focus for certain about:blank pages, which allows remote attackers to spoof the address bar via a crafted URL.

Affected Products

Google Chrome

References

CVE-2016-1657,