Total vulnerabilities in the database
The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
Software | From | Fixed in |
---|---|---|
opensuse / opensuse | 13.1 | 13.1.x |
debian / debian_linux | 8.0 | 8.0.x |
google / chrome | - | 50.0.2661.87.x |