CVE-2017-15387

Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt