Vulnerability Details : CVE-2017-5018
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, had an insufficiently strict content security policy on the Chrome app launcher page, which allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.
Vulnerability category: Cross site scripting (XSS)
Exploit prediction scoring system (EPSS) score for CVE-2017-5018
0.46%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 72 %
Percentile, the proportion of vulnerabilities that are scored at or less