CVE-2016-1615Google Chrome vulnerability

CWE-2545 documents5 sources
Severity
6.5MEDIUMNVD
EPSS
0.8%
top 26.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedJan 25
Latest updateMay 17

Description

The Omnibox implementation in Google Chrome before 48.0.2564.82 allows remote attackers to spoof a document's origin via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

NVDgoogle/chrome47.0.2526.106

🔴Vulnerability Details

2
GHSA
GHSA-xcg2-7p7v-g9cj: The Omnibox implementation in Google Chrome before 482022-05-17
OSV
CVE-2016-1615: The Omnibox implementation in Google Chrome before 482016-01-25

📋Vendor Advisories

1
Red Hat
chromium-browser: origin confusion in Omnibox2016-01-20

💬Community

1
Bugzilla
CVE-2016-1615 chromium-browser: origin confusion in Omnibox2016-01-22