The WebContentsImpl::FocusLocationBarByDefault function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 50.0.2661.75 mishandles focus for certain about:blank pages, which allows remote attackers to spoof the address bar via a crafted URL.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Debian_linux | Debian | 8.0 (including) | 8.0 (including) |