Описание
Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.
Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.
Insufficient data validation in CORS in Google Chrome prior to 76.0.38 ...
Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.
Уязвимость веб-браузера Google Chrome, связанная с некорректной фильтрацией портов в CORS, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
4.3 Medium
CVSS3