CVE-2024-9964 - Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote at

CVE-2024-9964

Summary

Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

References

https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html
https://issues.chromium.org/issues/361711121

Vulnerable Configurations

CVSS

Base:	None
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

17-10-2024 - 20:30

Published

15-10-2024 - 21:15

Last modified

17-10-2024 - 20:30