High severity8.8NVD Advisory· Published Jan 19, 2017· Updated Jun 17, 2026
CVE-2016-5196
CVE-2016-5196
Description
The content renderer client in Google Chrome prior to 54.0.2840.85 for Android insufficiently enforced the Same Origin Policy amongst downloaded files, which allowed a remote attacker to access any downloaded file and interact with sites, including those the user was logged into, via a crafted HTML page.
Affected products
2Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.