Google Chrome 'chrome://downloads' Cross Domain Scripting Vulnerability
Google Chrome is prone to a cross-domain scripting vulnerability.
An attacker can exploit this vulnerability to bypass the same-origin policy and obtain potentially sensitive information, or to launch spoofing attacks against other sites.
Versions prior to Chrome 126.96.36.1999 are vulnerable.
NOTE: This issue was previously covered in BID 39603 (Google Chrome prior to 188.8.131.529 Multiple Security Vulnerabilities) but has been assigned its own record to better document it.