chromium does not properly performs same origin policy checks. A renderer initiated back navigation incorrectly cancels a browser initiated back nagivation and allows a remote attacker to confuse the user’s browser on the origin of the current page via a malicious HTML page.
CPE | Name | Operator | Version |
---|---|---|---|
chromium:stretch | eq | 70.0.3538.110-1~deb9u1 | |
chromium:stretch | eq | 70.0.3538.110-1~deb9u1 |