Vulnerability Details : CVE-2016-1638
extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly restrict use of Web APIs, which allows remote attackers to bypass intended access restrictions via a crafted platform app.
Vulnerability category: BypassGain privilege
Exploit prediction scoring system (EPSS) score for CVE-2016-1638
0.54%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 74 %
Percentile, the proportion of vulnerabilities that are scored at or less