CVE-2016-5135

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 52.0.2743.82 Opera versions prior to 52.0.2743.82

Description The issue is related to the WebKit component in the Blink browser, specifically the HTMLPreloadScanner.cpp file. It concerns the lack of checking for referrer-policy information inside an HTML document during a preload request. This can be exploited by a remote attacker to bypass the Content Security Policy (CSP) protection mechanism using a specially crafted web site. The exploitation can override the referrer policy set by the "" element with a "Content-Security-Policy: referrer origin-when-cross-origin" header.

Recommendations For Google Chrome versions prior to 52.0.2743.82, update to version 52.0.2743.82 or later to resolve the issue. For Opera versions prior to 52.0.2743.82, update to version 52.0.2743.82 or later to resolve the issue. As a temporary workaround, consider restricting access to the HTMLPreloadScanner.cpp component until a patch is available. Avoid using the referrer parameter in the affected API endpoints until the issue is resolved.