VDB
CISA-2024-13178
CISA-2024-13178
PUBLISHED
CVSS 4.3 MEDIUM
Reported by Chrome · Published November 14, 2025
Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Risk Scores
CVSS 3.1
4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | 128.0.6613.84 | |
| Chrome | 128.0.6613.84, 128.0.6613.84 |
Timeline
- Nov 14, 2025 CVE Published
- Nov 14, 2025 CVE Updated