Описание
Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| esm-apps/noble | not-affected | code not present |
| esm-infra/focal | DNE | focal was not-affected [code not present] |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| noble | not-affected | code not present |
| upstream | released |
Показывать по
4.3 Medium
CVSS3
Связанные уязвимости
Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Chromium: CVE-2024-7978 Insufficient policy enforcement in Data Transfer
Insufficient policy enforcement in Data Transfer in Google Chrome prio ...
Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Уязвимость пользовательского интерфейса браузеров Google Chrome и Microsoft Edge, позволяющая нарушителю раскрыть защищаемую информацию
4.3 Medium
CVSS3