CVE-2020-15959

Medium

4.3/10

Summary

Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

References

Advisory Timeline

Published Sep 21, 2020

CVE-2020-15959

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS