Chrome patches 24 security holes, enables “Sanitizer” safety system
2022-08-31 17:48

According to Google, this new version includes 24 security fixes, though none of them is reported as "in the wild", which means that no zero-days were patched this time.

Suddenly, bug-free code elsewhere in the program behaves as if it were buggy itself, thanks to the flaw in your code that just invalidated what was in memory.

Attackers who can figure out a way to manipulate the timing of your code's unexpected intervention may be able not only to crash the program at will, but also to wrest control from it, thus causing what's known as remote code execution.

Because you would be allowing me to inject untrusted JavaScript code of my choosing directly into your web page, where my code could read your cookies and access data that would otherwise be off-limits.

Then Chrome will scan the proposed new HTML string for security problems first, and automatically remove any text that could pose a risk.

Learn about the new Sanitizer and setHTML() functionality by reading advice from Google and the MDN Web Docs.


News URL

https://nakedsecurity.sophos.com/2022/08/31/chrome-patches-24-security-holes-enables-sanitizer-safety-system/