CVE-2021-21164

Medium

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin…

Chrome·CWE-346·Published 2021-03-09

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

168 chars

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

NVDen

168 chars

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

NVDes

215 chars

La comprobación insuficiente de datos en Chrome en iOS en Google Chrome en iOS versiones anteriores a 89.0.4389.72, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N