Security Advisory

CVE-2010-1767

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-09-24 18:00:00

Last updated 2024-08-07 01:35:53

Assigner apple

State PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation.

← Browse all CVEs View on cve.org ↗