VDB

CISA-2024-13178

CISA-2024-13178 PUBLISHED CVSS 4.3 MEDIUM

Reported by Chrome · Published November 14, 2025

Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Risk Scores

CVSS 3.1
4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products

VendorProductVersions
GoogleChrome128.0.6613.84
GoogleChrome128.0.6613.84, 128.0.6613.84

Timeline

  • Nov 14, 2025 CVE Published
  • Nov 14, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›