CVE-2011-2878 — Google Chrome vulnerability
2 documents2 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 52.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 4
Latest updateMay 13
Description
Google Chrome before 14.0.835.202 does not properly restrict access to the window prototype, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4