Google · Google Chrome · CVE-2018-16086
**Name of the Vulnerable Software and Affected Versions**
Google Chrome versions prior to 69.0.3497.81
**Description**
The issue is related to insufficient policy enforcement in the extensions API, allowing an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
**Recommendations**
For versions prior to 69.0.3497.81, update to version 69.0.3497.81 or later to resolve the issue. As a temporary workaround, consider restricting the installation of extensions to only trusted sources until the update is applied.