Lucene search

K
cvelistChromeCVELIST:CVE-2022-4908
HistoryJul 28, 2023 - 11:26 p.m.

CVE-2022-4908

2023-07-2823:26:49
Chrome
www.cve.org
7
google chrome
iframe sandbox
cross-origin data leak

AI Score

5.3

Confidence

High

EPSS

0.002

Percentile

56.5%

Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "107.0.5304.62",
        "status": "affected",
        "lessThan": "107.0.5304.62",
        "versionType": "custom"
      }
    ]
  }
]

AI Score

5.3

Confidence

High

EPSS

0.002

Percentile

56.5%