CVE-2024-5840 Information

Description

Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)

Reference

https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html https://issues.chromium.org/issues/41492103