CVE-2016-5128 (chrome, v8)

Posted on 2016년 7월 24일2016년 7월 29일 by admin

objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

Source: CVE-2016-5128 (chrome, v8)

답글 남기기 응답 취소