CVE-2020-6490

Medium

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk…

Chrome·CWE-668·Published 2020-05-21

CVSS

4.3

EPSS

0.01

KEV

Exploits

cve.orgen

189 chars

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.

NVDen

189 chars

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.

NVDes

277 chars

Una comprobación insuficiente de datos en loader en Google Chrome versiones anteriores a la versión 83.0.4103.61, permitió a un atacante remoto que había sido capaz de escribir en el disco filtrar datos de tipo cross-origin por medio de una página HTML especialmente diseñada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N