CVE-2024-6999

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-451
View all →

Vulnerability Description

Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Related Vulnerabilities

CVE-2017-0888

MEDIUM
CVSS:4.3(Medium)

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable inp...

CWE-4512017

CVE-2020-7363

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser...

CWE-4512020

CVE-2020-7364

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser...

CWE-4512020

CVE-2020-7369

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser...

CWE-4512020

CVE-2020-7370

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented i...

CWE-4512020

CVE-2020-7371

MEDIUM
CVSS:4.3(Medium)

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser...

CWE-4512020