Tag
#chrome
The Appfire Jira Misc Custom Fields (JMCF) app 2.4.6 for Atlassian Jira allows XSS via a crafted project name to the Add Auto Indexing Rule function.
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function WanParameterSetting.
**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**
**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 103.0.1264.49 7/6/2022 103.0.5060.114 Extended Stable: 102.0.1245.56 7/6/2022 102.0.5005.148
Researchers have uncovered a supply chain attack that tricked app and website developers into using copies of popular npm packages that contained malicious code to steal form data. The post IconBurst software supply chain attack offers malicious versions of NPM packages appeared first on Malwarebytes Labs.
As a result of browser market consolidation, adversaries can focus on uncovering vulnerabilities in just two main browser engines.
The heap buffer-overflow issue in Chrome for Android could be used for DoS, code execution, and more.
Google has patched a vulnerability in Chrome which was being exploited in the wild. Make sure you're using the latest version. The post Update now! Chrome patches ANOTHER zero-day vulnerability appeared first on Malwarebytes Labs.