Medium severity6.1NVD Advisory· Published Feb 17, 2017· Updated Jun 17, 2026
CVE-2017-5018
CVE-2017-5018
Description
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- osv-coords2 versionspkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP2
< 93.0.4577.82-1.1+ 1 more
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 56.0.2924.87-5.1
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.