Unrated severityNVD Advisory· Published Dec 6, 2015· Updated Jun 17, 2026
CVE-2015-6772
CVE-2015-6772
Description
The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent javascript: URL navigation while a document is being detached, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code that improperly interacts with a plugin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
10- googlechromereleases.blogspot.com/2015/12/stable-channel-update.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.htmlnvd
- www.debian.org/security/2015/dsa-3415nvd
- www.securityfocus.com/bid/78416nvd
- www.securitytracker.com/id/1034298nvd
- www.ubuntu.com/usn/USN-2825-1nvd
- code.google.com/p/chromium/issues/detailnvd
- codereview.chromium.org/1444183003/nvd
- security.gentoo.org/glsa/201603-09nvd
News mentions
0No linked articles in our index yet.