Origin Validation Error

CVE-2022-0120

Medium

6.5/10

Summary

Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-346 - Origin Validation Error

The software does not properly verify that the source of data or communication is valid.

References

Advisory
Release Note

Advisory Timeline

Published Feb 12, 2022

Origin Validation Error

CVE-2022-0120

Summary

CWE-346 - Origin Validation Error

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS