Cross site request forgery (csrf)

2012-08-0615:55:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.2%

JSON

Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site.

CPENameOperatorVersion
chromele21.0.1180.56
chromeeq21.0.1180.0
chromeeq21.0.1180.1
chromeeq21.0.1180.2
chromeeq21.0.1180.31
chromeeq21.0.1180.32
chromeeq21.0.1180.33
chromeeq21.0.1180.34
chromeeq21.0.1180.35
chromeeq21.0.1180.36

Name	Operator	Version
chrome	le	21.0.1180.56
chrome	eq	21.0.1180.0
chrome	eq	21.0.1180.1
chrome	eq	21.0.1180.2
chrome	eq	21.0.1180.31
chrome	eq	21.0.1180.32
chrome	eq	21.0.1180.33
chrome	eq	21.0.1180.34
chrome	eq	21.0.1180.35
chrome	eq	21.0.1180.36