Lucene search

K
cvelistChromeCVELIST:CVE-2023-5480
HistoryNov 01, 2023 - 5:13 p.m.

CVE-2023-5480

2023-11-0117:13:59
Chrome
www.cve.org
5
cve-2023-5480
google chrome
xss
remote attacker
malicious file
chromium
high severity

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

42.8%

Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Chrome",
    "versions": [
      {
        "version": "119.0.6045.105",
        "status": "affected",
        "lessThan": "119.0.6045.105",
        "versionType": "custom"
      }
    ]
  }
]