Описание
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium)
Ссылки
- Release Notes
- Permissions Required
Уязвимые конфигурации
Одновременно
EPSS
6.1 Medium
CVSS3
Дефекты
Связанные уязвимости
Insufficient data validation in Omnibox in Google Chrome on Android pr ...
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium)
Уязвимость адресной строки Omnibox браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю выполнить межсайтовые сценарные атаки
EPSS
6.1 Medium
CVSS3