CVE-2023-4357

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 15, 2023
Updated: Jan 31, 2024

Summary

CVE-2023-4357 is a medium severity vulnerability affecting Google Chrome versions prior to 116.0.5845.96. This issue arises from insufficient input validation in the XML parsing process. A remote attacker can exploit this weakness by crafting a malicious HTML page. By manipulating the untrusted input, the attacker can bypass file access restrictions, potentially leading to sensitive data exposure or unauthorized system actions. This vulnerability underscores the importance of robust input validation mechanisms to safeguard against unintended system behavior.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share