CVE-2020-36765 — Vulnetix

CVE-2020-36765 PUBLISHED CVSS 6.5 MEDIUM

Insufficient policy enforcement in Navigation in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

EPSS 0.10% · 27.5th percentile

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS Score

0.10%

27.5th percentile

Affected Products

Vendor	Product	Versions
google	chrome	0
Google	Chrome	85.0.4183.83

Timeline

Jul 16, 2024 CVE Published
Jul 17, 2024 EPSS Score
Aug 8, 2024 EPSS Score
Aug 29, 2024 EPSS Score
Sep 20, 2024 EPSS Score
Oct 12, 2024 EPSS Score
Nov 3, 2024 EPSS Score
Nov 6, 2024 CVE Updated
Nov 24, 2024 EPSS Score
Dec 17, 2024 EPSS Score
Jan 8, 2025 EPSS Score
Jan 30, 2025 EPSS Score

References

https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html url
https://issues.chromium.org/issues/40091076 url
https://nvd.nist.gov/vuln/detail/CVE-2020-36765 advisory

Open in Interactive Console →