CVE-2022-2861 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-2861 PUBLISHED CVSS 6.5 MEDIUM

Reported by Chrome · Published September 26, 2022

Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page.

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Products

Vendor	Product	Versions
Google	Chrome	unspecified
Google	Chrome	unspecified

Timeline

Aug 25, 2022 CVE Published
Sep 27, 2022 EPSS Score
Nov 10, 2022 EPSS Score
Dec 24, 2022 EPSS Score
Feb 6, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 22, 2023 EPSS Score
May 5, 2023 EPSS Score
Jun 18, 2023 EPSS Score
Aug 1, 2023 EPSS Score
Sep 13, 2023 EPSS Score
Oct 27, 2023 EPSS Score

References

x_refsource_MISC
x_refsource_MISC
FEDORA-2022-3f28aa88cf vendor-advisoryx_refsource_FEDORA

Open in Interactive Console →