Marius.Mlynski

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 55.0.2883.75 Google Chrome for Android versions prior to 55.0.2883.84 **Description** The issue exists due to the lack of protection for the web page structure in the Blink component of Google Chrome. This allows a remote attacker to obtain information about the integration platform and operating system using a specially crafted HTML page. The vulnerability is caused by the leaking of an SVG shadow tree, leading to corruption of the DOM tree, which enables a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page. **Recommendations** For Google Chrome versions prior to 55.0.2883.75, update to version 55.0.2883.75 or later. For Google Chrome for Android versions prior to 55.0.2883.84, update to version 55.0.2883.84 or later. As a temporary workaround, consider restricting access to crafted HTML pages to minimize the risk of exploitation.