CVE-2024-7978

Summary

CVE-2024-7978 is a vulnerability affecting Google Chrome versions prior to 128.0.6613.84, which allows remote attackers to leak cross-origin data by convincing users to perform specific UI gestures on a maliciously crafted HTML page. The risk associated with this vulnerability is rated as Medium, with a CVSS base score of 4.3, indicating a low confidentiality impact and no integrity or availability impact. Organizations can remediate this issue by updating Google Chrome to the latest version that addresses this vulnerability. User interaction is required for exploitation, meaning that users must be tricked into engaging with the malicious content for the attack to succeed. Failure to patch could lead to unauthorized access to sensitive information, potentially compromising user privacy and organizational security.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.