CVE-2021-38015

HIGH WAF: Medium
CVSS 8.8 Published: 2021-12-23
CWE-20

Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

WAF Coverage Analysis

Improper Input Validation Medium WAF Coverage

OWASP: A03:2021 Injection

920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection

Affected Software

VendorProductVersion
googlechromeup to 96.0.4664.45
fedoraprojectfedora34
debiandebian_linux10.0
debiandebian_linux11.0

References

Back to CVE Database