This issue was fixed in Googles implementation of Navigation in Google Chrome 97.
To exploit this issue, an attacker would have to convince a user to visit a malicious website. End users are not vulnerable to data leakage via Navigation unless the user is coerced into visiting a malicious website.
An example of such a situation could be a phishing attack where the malicious website requests the user's session cookie. If the user is then convinced to visit an attacker-controlled website, the session cookie could be used to access the session history on the original website and thereby read the user's e-mail, chat messages, or other private data.
Impact: An attacker could leverage this issue to access the session history of a website or read the content in private messages. This issue affects all users of Google Chrome on Windows, Mac, and Linux operating systems.
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform a cross-origin request and leak the origin via a crafted HTML page.
To exploit this issue, an attacker would have to convince a user to visit a malicious website. End users are not vulnerable to data leakage via Navigation unless the user is coerced into visiting a malicious website.An example of such a situation could be a phishing attack where the malicious website requests the user's session cookie
A vulnerability in the Navigation feature in Google Chrome prior to version 97.0.4692.71 allows a remote attacker to perform a cross-origin request, leak the origin via a crafted HTML page, and read the content of private messages if exploited.
What is Navigation?
Navigation is the ability to switch between web pages in a browser. It's not just about moving between different pages, but also getting a better view of the content that's on each page. Navigation is important because it allows a user to easily move around the web, and helps users find what they're looking for more quickly.
Bypass CSRF Protection
The content of the window can be changed by an attacker, for example, by changing the text on a webpage with a malicious URL.
The Content Security Policy (CSP) should not be bypassed. If it is bypassed, it is possible to steal user session cookies that could then be used to access the user's session history and read personal information.
There are many ways to bypass the CSRF protection mechanism in Google Chrome:
- A man-in-the-middle attack where a third party intercepts and substitutes communication between the browser and another party.
- Compromising another website or server as part of a targeted attack against a specific website or domain.
This issue affects all users of Google Chrome on Windows, Mac, and Linux operating systems.
What is WebNavigation?
WebNavigation is a feature in the browser that allows developers to create and manage web applications.
This feature enables developers to write scripts that can open new windows, tabs, or navigate back and forth between pages in their web application.
The Navigation API allows developers to create their own event-based system for navigating around the web application.
This issue was fixed in Google Chrome 97.0.4692.71