CVE-2017-5110

Summary

Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page.

Affected Software

VendorProductVersion RangeStatus
n/aGoogle Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and AndroidGoogle Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Androidaffected

Weaknesses

  • Inappropriate implementation

ADP Enrichment

CVE Program Container

Additional References

References