CVE-2019-13705 in Google and OpenSuse Products
Published on November 25, 2019
Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.
Products Associated with CVE-2019-13705
stack.watch emails you whenever new vulnerabilities are published in Google Chrome or OpenSuse Backports. Just hit a watch button to start following.
Affected Versions
Google Chrome:- Version unspecified and below 78.0.3904.70 is affected.
Exploit Probability
EPSS
0.23%
Percentile
45.13%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.