CVE-2023-2937

MEDIUM Year: 2023
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-451
View all →

Vulnerability Description

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

Related Vulnerabilities

CVE-2017-0888

MEDIUM
CVSS:4.3(Medium)

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable inp...

CWE-4512017

CVE-2020-7363

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser...

CWE-4512020

CVE-2020-7364

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser...

CWE-4512020

CVE-2020-7369

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser...

CWE-4512020

CVE-2020-7370

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented i...

CWE-4512020

CVE-2020-7371

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser...

CWE-4512020