CVE-2013-2881 — Google Chrome vulnerability

CWE-2642 documents2 sources

Severity

5.8MEDIUMNVD

EPSS

0.4%

top 41.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Debian Linux

Timeline

PublishedJul 31

Latest updateMay 17

Description

Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

▶NVDgoogle/chrome28.0.1500.94+68

Also affects: Debian Linux 7.0

🔴Vulnerability Details

GHSA

GHSA-v225-p24p-x2m7: Google Chrome before 28↗2022-05-17

▶