CVE 2021-30589
Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.
See the 
CVE page on Mitre.org
for more details.
