CVE-2022-4908

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Jul 29, 2023

Updated: Aug 10, 2023

Summary

CVE-2022-4908 refers to a medium severity vulnerability in Google Chrome's iFrame Sandbox feature, prior to version 107.0.5304.62. This issue stems from an inappropriate implementation that enables a remote attacker to leak cross-origin data through a specially crafted HTML page. The attacker can exploit this vulnerability to gain unauthorized access to sensitive information from other domains. While the impact is limited to information disclosure, it poses a potential risk to user privacy and security. Users are advised to update their Google Chrome browsers to the latest version to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sE2gUz
https://www.cve.org/CVERecord?id=CVE-2022-4908
https://nvd.nist.gov/vuln/detail/CVE-2022-4908

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners

CVE-2022-4908

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations