CVE-2017-15427

Опубликовано: 06 дек. 2017

Источник: redhat

CVSS3: 4.3

Описание

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=1523141chromium-browser: insufficient blocking of javascript in omnibox

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2017-15427

CVSS3: 6.1

ubuntu

больше 7 лет назад

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.

CVE-2017-15427

CVSS3: 6.1

nvd

больше 7 лет назад

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.

CVE-2017-15427

CVSS3: 6.1

debian

больше 7 лет назад

Insufficient policy enforcement in Omnibox in Google Chrome prior to 6 ...

GHSA-gg83-hqv8-6j9v

CVSS3: 6.1

github

больше 3 лет назад

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.

openSUSE-SU-2017:3244-1

suse-cvrf

около 8 лет назад

Security update for chromium

4.3 Medium

CVSS3