Lucene search

RedosROS-20240726-07

HistoryJul 26, 2024 - 12:00 a.m.

ROS-20240726-07

2024-07-2600:00:00

redos.red-soft.ru

google chrome

sign-in

vulnerability

bypass navigation

html page

remote execution

cross-site scripting

unix

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

6.5

Confidence

Low

JSON

A vulnerability in the Sign-In component of the Google Chrome browser is related to the ability to bypass navigation restrictions
using a specially crafted HTML page. Exploitation of the vulnerability could allow an attacker,
acting remotely, to execute cross-site scripted attacks

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64chromium< 124.0.6367.78-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
redos	7.3	x86_64	chromium	< 124.0.6367.78-1	UNKNOWN

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

AI Score

6.5

Confidence

Low

JSON

Related for ROS-20240726-07