In this short talk. I will go over a bug CVE-2019-5832 in Chrome’s XHR implementation, that I reported. We’ll discuss real and hypothetical consequences of exploiting the bug in the wild.