📄 Adobe Acrobat Chrome 1.41.100 Cross Site Scripting

Adobe Acrobat Chrome extension version 1.41.100 suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : Adobe Acrobat Chrome V 1.41.100 Extension DOM...

CVE-2021-43531

When a user loaded a Web Extensions context menu, the Web Extension could access the post-redirect URL of the element clicked. If the Web Extension lacked the WebRequest permission for the hosts involved in the redirect, this would be a same-origin-violation leaking data the Web Extension should...

Chrome: bypass for download filetype blacklist, extension->native privesc

This bug report describes a vulnerability that can be used by an extension with some permissions to escalate to native code execution on Linux desktops if Java is installed. No user interaction is required. Chrome permits extensions with appropriate permissions "downloads" and "downloads. open" t...

Code injection

Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors...

Google Chrome < 5.0.375.55 Multiple Vulnerabilities

Binary data 800925.prm...