CVE-2023-4906

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Sep 12, 2023
Updated: Jan 31, 2024

Summary

CVE-2023-4906 is a vulnerability affecting Google Chrome versions prior to 117.0.5938.62. The issue lies in the Autofill feature, which fails to enforce sufficient policies, allowing a remote attacker to bypass Autofill restrictions using a crafted HTML page. This vulnerability, rated as low severity by Chromium security, can potentially expose user data entered in forms on malicious websites. Users are advised to update their Google Chrome browsers to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share