Insufficient policy enforcement in WebUI in Google Chrome before 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
|Vulnerable Product||Search on Vulmon||Subscribe to Product|
Makers of the Chrome, Firefox and Edge browsers are urging users to patch critical vulnerabilities that if exploited allow hackers to hijack systems running the software.
The Mozilla Firefox vulnerability (CVE-2020-16044) is separate from a bug reported in Google’s browser engine Chromium, which is used in the Google Chrome browser and Microsoft’s latest version of its Edge browser.
On Thursday, the Cybersecurity and Infrastructure Security Agency (CISA) urged users of Mozilla Fo...