CVE-2016-5147

Source
Severity High
Remote Yes
Type Cross-site scripting
Description
Blink, as used in Google Chrome, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."
Group Package Affected Fixed Severity Status Ticket
AVG-109 qt5-webengine 5.7.0-7 5.7.1-1 Critical Fixed
Date Advisory Group Package Severity Description
17 Dec 2016 ASA-201612-18 AVG-109 qt5-webengine Critical multiple issues
References
https://bugs.chromium.org/p/chromium/issues/detail?id=628942