QwikSec

Security Database

CVE

CWE

Training

CVE-2016-5226

Published: Jan 19, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac executed javascript: URLs entered in the URL bar in the context of the current tab, which allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.

Vendor	Product	Versions
n/a	Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac	affected `Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac`

References

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

https://crbug.com/639750

x_refsource_CONFIRM

https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.