User Interface (UI) Misrepresentation of Critical Information
CVE-2024-7020
Summary
Inappropriate implementation in Autofill in Google Chrome versions prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
- LOW
- NETWORK
- LOW
- UNCHANGED
- REQUIRED
- NONE
- NONE
- NONE
CWE-451 - User Interface (UI) Misrepresentation of Critical Information
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
Advisory Timeline
- Published