7 matches found
CVE-2026-5892
CVE-2026-5892 affects Google Chrome/Chromium PWAs. The root cause is insufficient policy enforcement for PWAs in the renderer, allowing a remote attacker who had compromised the renderer to install a PWA without user consent via a crafted HTML page. Affected versions are prior to 147.0.7727.55 (C...
EUVD-2018-17846
Malware in sbrugna...
CVE-2018-6083
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...
CVE-2018-6083
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...
Authorization
Failure to disallow PWA installation from CSP sandboxed pages in AppManifest in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to access privileged APIs via a crafted HTML page...
CVE-2018-6083
CVE-2018-6083 affects Google Chrome and Chromium-based products due to an issue in AppManifests handling for CSP sandboxed pages, where the browser failed to disallow PWA installation from sandboxed contexts. The root cause is improper processing of AppManifests, enabling a remote attacker to acc...
CVE-2018-6083
Removed by vendor...