CVE-2022-1492

2022-07-2621:33:55

Chrome

www.cve.org

data validation

google chrome

remote attack

script injection

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

52.6%

JSON

Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page.

CNA Affected

[
  {
    "product": "Chrome",
    "vendor": "Google",
    "versions": [
      {
        "lessThan": "101.0.4951.41",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]