CVE-2011-3875Improper Input Validation in Google Chrome

CWE-20Improper Input Validation2 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 43.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedOct 25
Latest updateMay 13

Description

Google Chrome before 15.0.874.102 does not properly handle drag and drop operations on URL strings, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDgoogle/chrome< 15.0.874.102

🔴Vulnerability Details

1
GHSA
GHSA-gxvv-2vwq-fcjp: Google Chrome before 152022-05-13
CVE-2011-3875 — Improper Input Validation in Google | cvebase