CVE-2016-1652

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 50.0.2661.75 Opera versions prior to 50.0.2661.75 (no specific version range provided)

Description A cross-site scripting (XSS) issue exists in the ModuleSystem::RequireForJsInner function, allowing remote attackers to inject arbitrary web script or HTML via a crafted web site. This can be exploited to gain unauthorized access to a system. The issue is also known as "Universal XSS (UXSS)".

Recommendations For Google Chrome versions prior to 50.0.2661.75, update to version 50.0.2661.75 or later to resolve the issue. For Opera, since no specific fixed version is mentioned, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to potentially vulnerable web sites to minimize the risk of exploitation.