Описание
XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 64.0.3282.119-0ubuntu0.17.10.1 |
| bionic | released | 64.0.3282.119-0ubuntu1 |
| cosmic | released | 64.0.3282.119-0ubuntu1 |
| devel | released | 64.0.3282.119-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [64.0.3282.119-0ubuntu0.14.04.1]] |
| precise/esm | DNE | |
| trusty | released | 64.0.3282.119-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [64.0.3282.119-0ubuntu0.14.04.1] |
| upstream | released | 64.0.3282.119 |
| xenial | released | 64.0.3282.119-0ubuntu0.16.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [Ubuntu touch end-of-life]] |
| esm-infra/xenial | ignored | Ubuntu touch end-of-life |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [Ubuntu touch end-of-life] |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
4.3 Medium
CVSS3
Связанные уязвимости
XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.
XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.
XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure th ...
XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.
EPSS
4.3 Medium
CVSS2
4.3 Medium
CVSS3