Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device.
https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html