Google · Google Chrome · CVE-2021-38022
**Name of the Vulnerable Software and Affected Versions**
Google Chrome versions prior to 96.0.4664.45
**Description**
The issue is related to an inappropriate implementation in the WebAuthentication mechanism of Google Chrome, which can allow a remote attacker to leak cross-origin data. This can be achieved via a crafted HTML page.
**Recommendations**
For Google Chrome versions prior to 96.0.4664.45, update to version 96.0.4664.45 or later to resolve the issue.