CVE-2021-4068

Medium

Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via…

Chrome·CWE-116·Published 2021-12-23

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

160 chars

Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

NVDen

160 chars

Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

NVDes

208 chars

Una comprobación insuficiente de datos en new tab page en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N