CVE-2023-5480

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 1, 2023
Updated: Jan 31, 2024
CWE ID 79

Summary

CVE-2023-5480 is a high-severity vulnerability affecting Google Chrome versions prior to 119.0.6045.105. This issue arises from an inappropriate implementation in the Payments feature, enabling a remote attacker to bypass Cross-Site Scripting (XSS) protections using a malicious file. This weakness could potentially lead to unauthorized access or data theft. Users are encouraged to update their browsers to the latest version to mitigate the risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share