Описание
Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
Ссылки
- Release NotesVendor Advisory
- Issue TrackingPermissions Required
- Release NotesVendor Advisory
- Issue TrackingPermissions Required
Уязвимые конфигурации
Одновременно
EPSS
4.3 Medium
CVSS3
Дефекты
Связанные уязвимости
Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
Chromium: CVE-2022-4188 Insufficient validation of untrusted input in CORS
Insufficient validation of untrusted input in CORS in Google Chrome on ...
Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
Уязвимость реализации механизма CORS браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю обойти ограничения безопасности
EPSS
4.3 Medium
CVSS3