CVE-2022-0120

Medium

Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin…

Chrome·CWE-346·Published 2022-02-11

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

169 chars

Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website.

NVDen

169 chars

Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website.

NVDes

210 chars

Una implementación inapropiada en Passwords en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto filtrar potencialmente datos de origen cruzado por medio de un sitio web malicioso

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N