CVE-2011-2785Improper Input Validation in Google Chrome

CWE-20Improper Input Validation2 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
0.4%
top 40.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedAug 3
Latest updateMay 13

Description

The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDgoogle/chrome< 13.0.782.107

🔴Vulnerability Details

1
GHSA
GHSA-m72c-ph6x-hg6h: The extensions implementation in Google Chrome before 132022-05-13
CVE-2011-2785 — Improper Input Validation in Google | cvebase