Endpoint Vulnerability

Security Vulnerability CVE-2017-5018 for Google Chrome

Description

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

Affected Products

Google Chrome

References

CVE-2017-5018,