Google · Google Chrome · CVE-2021-21136
Name of the Vulnerable Software and Affected Versions:
Google Chrome on Android versions prior to 88.0.4324.96
Description:
The issue is related to insufficient policy enforcement in the WebView component, which can allow a remote attacker to leak cross-origin data. This can be achieved via a crafted HTML page. The vulnerability is associated with a lack of protection for transmitted data, potentially enabling an unauthorized access to sensitive information.
Recommendations:
For versions prior to 88.0.4324.96, update to version 88.0.4324.96 or later to resolve the issue.