CVE-2019-13668

High

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin…

Chrome·CWE-281·Published 2019-11-25

CVSS

7.4

EPSS

0.01

KEV

Exploits

cve.orgen

166 chars

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

NVDen

166 chars

Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Una aplicación de política insuficiente en developer tools en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	7.4	2.8	4.0	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N