Igor Sak-Sakovskii

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 116.0.5845.96 **Description** The issue is related to insufficient validation of untrusted input in XML, allowing a remote attacker to bypass file access restrictions via a crafted HTML page. This can impact the confidentiality, integrity, and availability of protected information. The vulnerability is associated with the `document()` method and external entities in Libxslt, enabling arbitrary file reading. **Recommendations** For Google Chrome versions prior to 116.0.5845.96, update to version 116.0.5845.96 or later to resolve the issue. As a temporary workaround, consider restricting the use of XML-related features in Google Chrome until a patch is applied. Avoid using the `document()` method with external entities in Libxslt to minimize the risk of exploitation.