Endpoint Vulnerability

Security Vulnerability CVE-2016-5192 for Google Chrome

Description

Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages.

Affected Products

Google Chrome

References

CVE-2016-5192,