CVE-2020-6440

Medium

4.3/10

Summary

Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.

Access Complexity: MEDIUM
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Apr 13, 2020

CVE-2020-6440

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS