VDB
CVE-2022-2860
CVE-2022-2860
PUBLISHED
CVSS 6.5 MEDIUM
Reported by Chrome · Published September 26, 2022
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page.
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | unspecified | |
| Chrome | unspecified |
Timeline
- Aug 25, 2022 CVE Published
- Sep 27, 2022 EPSS Score
- Nov 11, 2022 EPSS Score
- Dec 25, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 24, 2023 EPSS Score
- May 8, 2023 EPSS Score
- Jun 21, 2023 EPSS Score
- Aug 5, 2023 EPSS Score
- Sep 18, 2023 EPSS Score
- Nov 2, 2023 EPSS Score
References
- x_refsource_MISC
- x_refsource_MISC
- FEDORA-2022-3f28aa88cf vendor-advisoryx_refsource_FEDORA