CVE-2022-0803 An attacker in earlier versions of Chrome could tamper with the Omnibox by crafting a page.

CVE-2022-0803 An attacker in earlier versions of Chrome could tamper with the Omnibox by crafting a page.

This issue has been fixed in the latest version of Google Chrome. Incorrect implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. This issue was fixed in Google Chrome 49.0.2423.90. Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. This issue was fixed in Google Chrome 49.0.2423.90. CVE-2018-6132 Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2018-6133 Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2018-6134 Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2018-6135 Inappropriate implementation in Per

How to exploit the vulnerability?

The vulnerability can be exploited by tricking the user into visiting a malicious webpage and if the user is logged into Chrome, the attacker could then read information from the Omnibox. It can also be exploited by tricking the user into installing a malicious extension.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe