Security Advisory

CVE-2023-2937

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-30 21:31:40

Last updated 2025-03-11 18:05:47

Assigner Chrome

State PUBLISHED

Description

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

← Browse all CVEs View on cve.org ↗