CVE-2024-3844

Medium

Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a…

Chrome·NVD-CWE-noinfo·Published 2024-04-17

CVSS

4.3

EPSS

0.01

KEV

Exploits

cve.orgen

197 chars

Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

NVDen

197 chars

Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

NVDes

256 chars

La implementación inapropiada en Extensiones en Google Chrome anteriores a 124.0.6367.60 permitió a un atacante remoto realizar una suplantación de interfaz de usuario a través de una extensión de Chrome manipulada. (Severidad de seguridad de Chrome: baja)

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	4.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
3.1	Primary	NVD	4.3	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N