chromium is vulnerable to improper input validation. The vulnerability exists due to lack of validation of ancestor frames site when sending lax cookies in navigation in Google Chrome, allowing a malicious user to bypass SameSite cookie policy via a crafted HTML page.
CPE | Name | Operator | Version |
---|---|---|---|
chromium:stretch | eq | 70.0.3538.110-1~deb9u1 | |
chromium:stretch | eq | 70.0.3538.110-1~deb9u1 |