CVE-2018-16072

Summary

A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

Affected Software

VendorProductVersion RangeStatus
GoogleChromeunspecified < 69.0.3497.81affected

Weaknesses

  • Insufficient policy enforcement

ADP Enrichment

CVE Program Container

Additional References

References