CVE-2024-2628
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Mar 20, 2024
Updated: Aug 6, 2024
CWE ID 474
Summary
CVE-2024-2628 is a medium severity vulnerability affecting Google Chrome versions prior to 123.0.6312.58. The issue lies in the Downloads feature, which allows a remote attacker to perform UI spoofing through the use of a carefully crafted URL. This vulnerability could potentially mislead users into providing sensitive information or downloading malware, highlighting the importance of keeping browsers up-to-date.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share