CVE-2021-21139

Medium

Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation…

Chrome·CWE-1021·Published 2021-02-09

CVSS

6.5

EPSS

0.05

KEV

Exploits

cve.orgen

170 chars

Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

NVDen

170 chars

Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

NVDes

209 chars

Una implementación inapropiada en iframe sandbox en Google Chrome versiones anteriores a 88.0.4324.96, permitió a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N