Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: High)
| Vendor | Product | Versions |
|---|---|---|
| chrome | 150.0.7871.47 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| android | cve_cpe | 95% |
Updated vendor to Microsoft and product to Edge, marked exploit as available, and noted no specific patch version for Edge.
Updated severity to CRITICAL, added affected version 149.0.7827.201, and marked the vulnerability as actively exploited.
Initial creation