CVE-2018-6169

2019-01-0919:00:00

Chrome

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.0%

JSON

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "68.0.3440.75",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]