This issue has been fixed in the latest version of Google Chrome. Incorrect implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. This issue was fixed in Google Chrome 49.0.2423.90. Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. This issue was fixed in Google Chrome 49.0.2423.90. CVE-2018-6132 Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2018-6133 Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2018-6134 Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2018-6135 Inappropriate implementation in Per
How to exploit the vulnerability?
The vulnerability can be exploited by tricking the user into visiting a malicious webpage and if the user is logged into Chrome, the attacker could then read information from the Omnibox. It can also be exploited by tricking the user into installing a malicious extension.
Timeline
Published on: 04/05/2022 01:15:00 UTC
Last modified on: 08/15/2022 11:15:00 UTC