Launchpad CVE tracker

CVE 2015-6784

The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring.

Related bugs and status

CVE-2015-6784 (Candidate) is related to these bugs:

Bug #1522411: Chromium in Ubuntu still to version 45.0.2454.101 not update to version 46.0.2490.71 as Debian Chromium present version.

Summary				In	Importance	Status
	1522411	Chromium in Ubuntu still to version 45.0.2454.101 not update to version 46.0.2490.71 as Debian Chromium present version.		chromium-browser (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2015-6784

References