CVE-2020-6385

High

Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a…

Chrome·CWE-754·Published 2020-02-11

CVSS

8.8

EPSS

0.02

KEV

Exploits

cve.orgen

157 chars

Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.

NVDen

157 chars

Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.

NVDes

206 chars

Una aplicación insuficiente de políticas en storage en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto omitir el aislamiento del sitio por medio de una página HTML diseñada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H