Lucene search

K
cvelistChromeCVELIST:CVE-2023-5479
HistoryOct 11, 2023 - 10:28 p.m.

CVE-2023-5479

2023-10-1122:28:53
Chrome
www.cve.org
1
google chrome
extensions api
enterprise policy
security vulnerability

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.4%

Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "118.0.5993.70",
        "status": "affected",
        "lessThan": "118.0.5993.70",
        "versionType": "custom"
      }
    ]
  }
]