CVE-2023-4908

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 12, 2023
Updated: Jan 31, 2024
CWE ID 476

Summary

CVE-2023-4908 is a vulnerability affecting Google Chrome versions prior to 117.0.5938.62. This issue stems from an inappropriate implementation in the Picture in Picture feature. A remote attacker could exploit this flaw by creating a specially crafted HTML page to spoof security UI, potentially leading to user confusion and trust issues. The Chromium security team has classified this vulnerability as low severity.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share