Privilege Escalation Vulnerability in Google Chrome Extensions
CVE-2025-3070
6.5MEDIUM
Summary
A vulnerability exists in Google Chrome Extensions prior to version 135.0.7049.52, due to insufficient validation of untrusted input. This allows remote attackers to escalate privileges by sending specially crafted HTML content, potentially compromising the user's security and privacy. It is crucial to update to the latest version to mitigate the risks associated with this type of attack.
Affected Version(s)
Chrome 135.0.7049.52
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved