QwikSec

Security Database

CVE

CWE

Training

CVE-2022-2160

Published: Jul 28, 2022

Modified: Jun 2, 2026

PUBLISHED

Description

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.

Vendor	Product	Versions
Google	Chrome	affected `unspecified - < 103.0.5060.53`

References

https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html

x_refsource_MISC

https://crbug.com/1116450

x_refsource_MISC

FEDORA-2022-0102ccc2a2

vendor-advisory

x_refsource_FEDORA

FEDORA-2022-1d3d5a0341

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.