URL Bar Spoofing Vulnerability in Google Chrome for Android

URL Bar Spoofing Vulnerability in Google Chrome for Android

CVE-2015-1261 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java in Google Chrome before 43.0.2357.65 on Android does not properly restrict use of a URL's fragment identifier during construction of a page-info popup, which allows remote attackers to spoof the URL bar or deliver misleading popup content via crafted text.

Learn more about our Cis Benchmark Audit For Google Chrome.