Lucene search
ChromeCVELIST:CVE-2024-8907HistorySep 17, 2024 - 9:07 p.m.
CVE-2024-8907
2024-09-1721:07:19
Chrome
www.cve.org
2
omnibox
google chrome
android
data validation
remote attacker
ui gestures
xss
chromium
EPSS
0
Percentile
9.6%
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium)
CNA Affected
[
{
"vendor": "Google",
"product": "Chrome",
"versions": [
{
"version": "129.0.6668.58",
"status": "affected",
"lessThan": "129.0.6668.58",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2024-8907
2024-09-17 21:15:13
cve
cve
CVE-2024-8907
2024-09-17 21:15:13
nvd
nvd
CVE-2024-8907
2024-09-17 21:15:13
vulnrichment
vulnrichment
CVE-2024-8907
2024-09-17 21:07:19
debiancve
debiancve
CVE-2024-8907
2024-09-17 21:15:13
mscve
mscve
Chromium: CVE-2024-8907 Insufficient data validation in Omnibox
2024-09-19 14:12:14
nessus
nessus
Google Chrome < 129.0.6668.58 Multiple Vulnerabilities
2024-09-17 00:00:00
Google Chrome < 129.0.6668.58 Multiple Vulnerabilities
2024-09-17 00:00:00
kaspersky
kaspersky
KLA73437 Multiple vulnerabilities in Google Chrome
2024-09-17 00:00:00
chrome
chrome
Stable Channel Update for Desktop
2024-09-17 00:00:00