Описание
Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Ссылки
- Vendor Advisory
- Issue TrackingPermissions RequiredVendor Advisory
- Third Party Advisory
- Vendor Advisory
- Issue TrackingPermissions RequiredVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
4.3 Medium
CVSS3
Дефекты
Связанные уязвимости
Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Chromium: CVE-2022-2611 Inappropriate implementation in Fullscreen API
Inappropriate implementation in Fullscreen API in Google Chrome on And ...
Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Уязвимость реализации стандарта полноэкранного API (Fullscreen API) браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
4.3 Medium
CVSS3