CVE-2025-5065

Medium

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI…

Chrome·CWE-451·Published 2025-05-27

CVSS

6.5

EPSS

0.00

KEV

Exploits

cve.orgen

203 chars

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

NVDen

203 chars

NVDes

252 chars

Una implementación incorrecta de la API FileSystemAccess en Google Chrome anterior a la versión 137.0.7151.55 permitía a un atacante remoto suplantar la interfaz de usuario mediante una página HTML manipulada. (Gravedad de seguridad de Chromium: Media)

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	6.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
3.1	Primary	cve.org	6.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N