CVE-2020-6443

High

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user…

Chrome·CWE-345·Published 2020-04-13

CVSS

8.8

EPSS

0.02

KEV

Exploits

cve.orgen

206 chars

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.

NVDen

206 chars

NVDes

261 chars

Una comprobación insuficiente de datos en developer tools en Google Chrome versiones anteriores a 81.0.4044.92, permitió a un atacante remoto que había convencido al usuario de utilizar devtools ejecutar código arbitrario por medio de una página HTML diseñada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H