CVE-2020-6487

Medium

Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation…

Chrome·CWE-276·Published 2020-05-21

CVSS

6.5

EPSS

0.02

KEV

Exploits

cve.orgen

168 chars

Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

NVDen

168 chars

Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

NVDes

230 chars

Una aplicación insuficiente de políticas en downloads en Google Chrome versiones anteriores a 83.0.4103.61, permitió a un atacante remoto omitir unas restricciones de navegación por medio de una página HTML especialmente diseñada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N