Headline
CVE-2022-1494
Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page.
Related news
Gentoo Linux Security Advisory 202208-25
Gentoo Linux Security Advisory 202208-25 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p20220618>= are affected.
Untrusted types: Researcher demos trick to beat Trusted Types protection in Google Chrome
Flaws in protection mechanism leaves websites more exposed to DOM XSS-based attacks