CVE-2020-6400

Medium

Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a…

Chrome·CWE-203·Published 2020-02-11

CVSS

6.5

EPSS

0.02

KEV

Exploits

cve.orgen

152 chars

Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

NVDen

152 chars

Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

NVDes

193 chars

Una implementación inapropiada en CORS en Google Chrome versiones anteriores a 80.0.3987.87, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N