Security: Impersonate URL displayed with mouse over using \u2028 \u2029
Reported by sec.repo...@gmail.com, Dec 1 2016
Issue description

VULNERABILITY DETAILS
When the user hovers over the a element, if a specific character (\u2028 \u2029 ) is included in the link, the line breaks there and the last line is displayed as the redirect destination. It can also be reproduced if the character is percent encoded. It has particular impact on services like github which displays markdown. An attacker can use it for phishing because the redirect URL can be disguised. If javascript protocol can be written, it is also possible to make xss harder to notice.

VERSION
Chrome Version: 54.0.2840.98 (64-bit)
Operating System: Mac OSX 10.11.6

REPRODUCTION CASE
* markdown
- [link text](https://github.com/[\u2028][\u2028]https://google.com)
- [link text](https://github.com/[\u2029][\u2029]https://google.com)
- [link text](https://github.com/%E2%80%A9%E2%80%A9https://google.com)
- [link text](https://github.com/%E2%80%A9%E2%80%A9https://google.com)
* html
<a href="https://github.com/[\u2028][\u2028]https://google.com">to google</a>
<a href="https://github.com/[\u2029][\u2029]https://google.com">to google</a>
<a href="https://github.com/%E2%80%A8%E2%80%A8https://google.com">to google</a>
<a href="https://github.com/%E2%80%A9%E2%80%A9https://google.com">to google</a>
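A defender-side check for the behaviour reported above, as an added example that is not part of the original report or of Chromium's code: it flags markdown link targets that contain U+2028 or U+2029, raw or percent-encoded, and reports the host the link really goes to next to the text after the last separator. The function names and the sample input are constructed for illustration.

```javascript
// Added example: audit link targets for U+2028 / U+2029, raw or percent-encoded.
const SEPARATOR_RE = /\u2028|\u2029|%E2%80%A[89]/gi;

// Inspect one href: where the separators sit, the host the link resolves to,
// and the text after the last separator (the part the report says is shown on hover).
function inspectHref(href) {
  const separators = [];
  for (const m of href.matchAll(SEPARATOR_RE)) {
    const raw = m[0].length === 1;
    const isLS = raw ? m[0] === '\u2028' : m[0].toUpperCase().endsWith('A8');
    separators.push({
      index: m.index,
      form: raw ? 'raw' : 'percent-encoded',
      codePoint: isLS ? 'U+2028' : 'U+2029',
    });
  }
  let actualHost = null;
  try {
    actualHost = new URL(href).hostname;
  } catch (e) {
    // Relative or unparsable target: leave the host unknown.
  }
  const parts = href.split(SEPARATOR_RE);
  return { href, suspicious: separators.length > 0, separators, actualHost,
           lastLine: parts[parts.length - 1] };
}

// Pull targets out of markdown links. [^)] is used on purpose: in JavaScript
// \s matches U+2028/U+2029 and . does not, so a pattern such as [^)\s]+ or .+?
// would cut the target at the separator and the check would never see it.
function auditMarkdownLinks(markdown) {
  const findings = [];
  for (const m of markdown.matchAll(/\[([^\]]*)\]\(([^)]+)\)/g)) {
    const result = inspectHref(m[2]);
    if (result.suspicious) findings.push({ text: m[1], ...result });
  }
  return findings;
}

// Constructed sample modelled on the report's reproduction cases.
const SAMPLE_MARKDOWN = [
  '- [link text](https://github.com/\u2028\u2028https://google.com)',
  '- [link text](https://github.com/%E2%80%A9%E2%80%A9https://google.com)',
  '- [plain](https://github.com/about)',
].join('\n');

for (const f of auditMarkdownLinks(SAMPLE_MARKDOWN)) {
  const kinds = f.separators.map((s) => `${s.form} ${s.codePoint}`).join(', ');
  console.log(`${f.actualHost} link ends in "${f.lastLine}" (${kinds})`);
}
```

A renderer can reject or re-encode any target for which `suspicious` is true before emitting the `<a>` element.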
Comment 1 by och...@chromium.org, Dec 1 2016
Mergedinto: 444466
Status: Duplicate (was: Unconfirmed)