Authentication Bypass by Spoofing
CVE-2021-21134
Summary
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- NONE
- NONE
CWE-290 - Authentication Bypass by Spoofing
This attack-focused weakness is caused by improperly implemented authentication schemes that are subject to spoofing attacks.
References
Advisory Timeline
- Published