Incorrect security UI in PWAs in Google Chrome before 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
debian debian linux 10.0 |
||
opensuse leap 15.1 |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
opensuse backports sle 15.0 |
||
opensuse leap 15.2 |