CVE-2019-13697 — Information Exposure via Error Message in Google Chrome
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 43.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 25
Latest updateMay 24
Description
Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6