Launchpad.net

CVE 2011-2826

Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty origins.

See the CVE page on Mitre.org for more details.