CVE-2017-15427

Summary

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.

Affected Software

VendorProductVersion RangeStatus
n/aGoogle Chrome prior to 63.0.3239.84 unknownGoogle Chrome prior to 63.0.3239.84 unknownaffected

Weaknesses

  • Insufficient Policy Enforcement

ADP Enrichment

CVE Program Container

Additional References

References