Описание
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | code not present |
| esm-infra/focal | DNE | focal was not-affected [code not present] |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| lunar | not-affected | code not present |
| trusty | ignored | end of standard support |
| upstream | released | |
| xenial | ignored | end of standard support |
Показывать по
8.8 High
CVSS3
Связанные уязвимости
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)
Chromium: CVE-2023-4077 Insufficient data validation in Extensions
Insufficient data validation in Extensions in Google Chrome prior to 1 ...
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)
Уязвимость компонента Extensions (Расширения) браузера Google Chrome, позволяющая нарушителю проводить межсайтовые сценарные атаки
8.8 High
CVSS3