Description
Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7371
Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html
Patch, Vendor Advisory x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=54006
Scores
EPSS
0.0066
EPSS Percentile
47.1%
Details
CWE
CWE-200
Status
published
Products (1)
google/chrome
< 6.0.472.59
Published
Sep 16, 2010
Tracked Since
Feb 18, 2026