CVE-2021-38004
MEDIUMGoogle Chrome <95.0.4638.69 - Info Disclosure
Title source: llmDescription
Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Scores
CVSS v3
4.3
EPSS
0.0038
EPSS Percentile
59.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Classification
CWE
CWE-668
Status
published
Affected Products (3)
google/chrome
< 95.0.4638.69
debian/debian_linux
debian/debian_linux
Timeline
Published
Nov 23, 2021
Tracked Since
Feb 18, 2026