CVE-2021-21131

Medium

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem…

Chrome·CWE-59·Published 2021-02-09

CVSS

6.5

EPSS

0.08

KEV

Exploits

cve.orgen

174 chars

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

NVDen

174 chars

Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

NVDes

231 chars

Una aplicación de políticas insuficientes en File System API en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir las restricciones del sistema de archivos por medio de una página HTML diseñada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N