chromoium is vulnerable to same origin policy bypass. Failure to dismiss http auth dialogs on navigation in Network Authentication allows a remote attacker to confuse the user about the origin of an auto dialog via a malicious HTML page.
CPE | Name | Operator | Version |
---|---|---|---|
chromium:stretch | eq | 70.0.3538.110-1~deb9u1 | |
chromium:stretch | eq | 70.0.3538.110-1~deb9u1 |