Vulnerabilities > CVE-2023-2460

047910
CVSS 7.1 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
LOW
Availability impact
NONE
network
low complexity
google
debian
fedoraproject

Summary

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium)

Vulnerable Configurations

Part Description Count
Application
Google