CVE-2023-4908
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Sep 12, 2023
Updated: Jan 31, 2024
CWE ID 476
Summary
CVE-2023-4908 is a vulnerability affecting Google Chrome versions prior to 117.0.5938.62. This issue stems from an inappropriate implementation in the Picture in Picture feature. A remote attacker could exploit this flaw by creating a specially crafted HTML page to spoof security UI, potentially leading to user confusion and trust issues. The Chromium security team has classified this vulnerability as low severity.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share