exploitDog

GHSA-xfj5-q6qf-8jjc

Опубликовано: 26 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.6

Описание

Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website.

Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website.

Ссылки

EPSS

Процентиль: 14%

0.00046

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2024-52928

CVSS3: 9.6

nvd

8 месяцев назад

Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website.

EPSS

Процентиль: 14%

0.00046

Низкий

9.6 Critical

CVSS3

CVE ID

Дефекты

CWE-284