Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-5018

Опубликовано: 25 янв. 2017
Источник: redhat
CVSS3: 6.5

Описание

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1416670chromium-browser: universal xss in chrome://apps

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-5018

CVSS3: 6.1
ubuntu
почти 9 лет назад

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

nvd логотип

CVE-2017-5018

CVSS3: 6.1
nvd
почти 9 лет назад

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

debian логотип

CVE-2017-5018

CVSS3: 6.1
debian
почти 9 лет назад

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56 ...

github логотип

GHSA-6xg6-mxpp-jx88

CVSS3: 6.1
github
больше 3 лет назад

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

suse-cvrf логотип

openSUSE-SU-2017:0499-1

suse-cvrf
почти 9 лет назад

Security update of chromium

6.5 Medium

CVSS3