Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2015-1254

Disclosure Date: May 20, 2015
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Technical Analysis