CVE-2023-5478

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Oct 11, 2023

Updated: Jan 31, 2024

Summary

CVE-2023-5478 is a vulnerability affecting Google Chrome's Autofill feature prior to version 118.0.5993.70. An attacker could exploit this low-severity issue by creating a maliciously crafted HTML page, allowing them to leak cross-origin data. This vulnerability stems from an inappropriate implementation in Autofill, potentially putting users at risk of information disclosure. It is recommended that users update their Google Chrome browsers to the latest version to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s8wlvz
https://www.cve.org/CVERecord?id=CVE-2023-5478
https://nvd.nist.gov/vuln/detail/CVE-2023-5478

Back to Vulnerability Database

CVE-2023-5478

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations