exploitDog

CVE-2015-6784

Опубликовано: 01 дек. 2015

Источник: redhat

CVSS2: 4.3

EPSS Низкий

Описание

The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring.

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=1287499chromium-browser: Escaping issue in saved pages

EPSS

Процентиль: 72%

0.00733

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2015-6784

ubuntu

около 10 лет назад

The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring.

CVE-2015-6784

nvd

около 10 лет назад

The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring.

CVE-2015-6784

debian

около 10 лет назад

The page serializer in Google Chrome before 47.0.2526.73 mishandles Ma ...

GHSA-hrf4-f43m-jqm2

github

больше 3 лет назад

The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments for URLs containing a "--" sequence, which might allow remote attackers to inject HTML via a crafted URL, as demonstrated by an initial http://example.com?-- substring.

openSUSE-SU-2015:2291-1

suse-cvrf

около 10 лет назад

Security update for Chromium

EPSS

Процентиль: 72%

0.00733

Низкий

4.3 Medium

CVSS2