DescriptionWebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 22.214.171.124, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SR:2011:002, published Tue, 25 Jan 2011 11:00:00 +0000
- openSUSE-SU-2011:0024-1, published Wed, 12 Jan 2011 16:08:25 +0100 (CET)
SUSE Timeline for this CVECVE page created: Fri Jun 28 03:45:38 2013
CVE page last modified: Fri Oct 7 12:45:53 2022