Lucene search
ChromeCVE-2024-8907HistorySep 17, 2024 - 9:15 p.m.
CVE-2024-8907
2024-09-1721:15:13
Chrome
web.nvd.nist.gov
14
20
cve-2024-8907
omnibox
google chrome
android
ui gestures
xss
chromium security
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium)
Affected configurations
Node
googlechromeRange<129.0.6668.58
CNA Affected
[
{
"vendor": "Google",
"product": "Chrome",
"versions": [
{
"version": "129.0.6668.58",
"status": "affected",
"lessThan": "129.0.6668.58",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
osv
osv
CVE-2024-8907
2024-09-17 21:15:13
cvelist
cvelist
CVE-2024-8907
2024-09-17 21:07:19
vulnrichment
vulnrichment
CVE-2024-8907
2024-09-17 21:07:19
debiancve
debiancve
CVE-2024-8907
2024-09-17 21:15:13
nvd
nvd
CVE-2024-8907
2024-09-17 21:15:13
mscve
mscve
Chromium: CVE-2024-8907 Insufficient data validation in Omnibox
2024-09-19 14:12:14
nessus
nessus
Google Chrome < 129.0.6668.58 Multiple Vulnerabilities
2024-09-17 00:00:00
Google Chrome < 129.0.6668.58 Multiple Vulnerabilities
2024-09-17 00:00:00
kaspersky
kaspersky
KLA73437 Multiple vulnerabilities in Google Chrome
2024-09-17 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2024-09-17 00:00:00