CVE-2018-16084

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 69.0.3497.81

Description The issue is related to the CustomHandlers component in Google Chrome, which can be exploited to bypass user confirmation dialogs. This can allow a remote attacker to perform cross-site scripting attacks using a specially crafted HTML page. The attacker must convince the user to perform certain operations to exploit this issue.

Recommendations For versions prior to 69.0.3497.81, update to version 69.0.3497.81 or later to resolve the issue. As a temporary workaround, consider restricting the use of CustomHandlers until a patch is applied. Avoid using CustomHandlers with untrusted HTML pages to minimize the risk of exploitation.