Vulnerability · NVD

CVE-2021-21211

MEDIUM 6.5 Published on 2021-04-26

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Attack vector : Network No privileges required

Show raw CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS 0.63% above median percentile 70.7%

Tracked apps referencing this CVE

For each app: the affected range, the fixing version, and where the tracked app stands today.

Google Chrome iOS com.google.chrome.ios

Affected <90.0.4430.72 Fixed in 90.0.4430.72 Latest tracked 149.0.8727.45 patched

Vulnerable CPE configurations (1)

Vendor	Product	Platform	Versions	CPE 2.3 URI
google	chrome iOS	iOS	<90.0.4430.72	cpe:2.3:a:google:chrome::::::iphone_os::*

View on NVD ↗