CVE-2018-6140

Publication date

2019-01-09 19:00:00

Family

Chrome

State

PUBLISHED

Description

Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.