CVE 2017-15391
Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page.
See the 
CVE page on Mitre.org
for more details.
