V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.
Max CVSS
4.3
EPSS Score
0.99%
Published
2017-04-24
Updated
2022-04-22
1 vulnerabilities found