Harry Chen

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 130.0.6723.58 Microsoft Edge (affected versions not specified) Description: The issue is related to an inappropriate implementation in Navigations, allowing a remote attacker to bypass content security policy via a crafted HTML page. This is due to insufficient access control in the component. The exploitation of this issue can enable a remote attacker to bypass existing security restrictions using a specially crafted HTML page. Recommendations: For Google Chrome versions prior to 130.0.6723.58, update to version 130.0.6723.58 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 122.0.6261.57 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in Site Isolation, allowing a remote attacker to bypass content security policy via a crafted HTML page. This could potentially lead to unauthorized access to protected information or cause a denial of service. **Recommendations** For Google Chrome versions prior to 122.0.6261.57, update to version 122.0.6261.57 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.