Bypassing Same Origin Policy via Crafted HTML Document with IFRAME Element in Blink

Bypassing Same Origin Policy via Crafted HTML Document with IFRAME Element in Blink

CVE-2015-1235 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element.

Learn more about our Cis Benchmark Audit For Google Chrome.