Metrics
Affected Vendors & Products
Mon, 13 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | UXSS Vulnerability in Chrome Extensions UI |
Sat, 11 Jul 2026 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | User‑Experience Cross‑Site Scripting via Malicious Chrome Extension |
Fri, 10 Jul 2026 04:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | User‑Experience Cross‑Site Scripting via Malicious Chrome Extension |
Thu, 09 Jul 2026 03:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome Extension UI flaw allows injection of arbitrary scripts via crafted web pages |
Wed, 08 Jul 2026 03:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome Extension UI flaw allows injection of arbitrary scripts via crafted web pages |
Tue, 07 Jul 2026 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome Extension UI Allows User‑Experience Cross‑Site Scripting |
Mon, 06 Jul 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome Extension UI Allows User‑Experience Cross‑Site Scripting |
Sun, 05 Jul 2026 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | User‑experience cross‑site scripting via malicious Chrome extension |
Sun, 05 Jul 2026 04:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | User‑experience cross‑site scripting via malicious Chrome extension |
Sat, 04 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Incorrect Extension UI Enables UXSS via Malicious Extension |
Fri, 03 Jul 2026 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Incorrect Extension UI Enables UXSS via Malicious Extension |
Fri, 03 Jul 2026 09:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Extension UI allows injected scripts via malicious extension |
Fri, 03 Jul 2026 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Extension UI allows injected scripts via malicious extension |
Thu, 02 Jul 2026 20:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Google Chrome Extension UI Script Injection Flaw |
Thu, 02 Jul 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Google Chrome Extension UI Script Injection Flaw |
Wed, 01 Jul 2026 22:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Cross‑Site Scripting via Incorrect Extension UI in Chrome |
Wed, 01 Jul 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Wed, 01 Jul 2026 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Cross‑Site Scripting via Incorrect Extension UI in Chrome | |
| Weaknesses | CWE-79 |
Wed, 01 Jul 2026 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Google
Google chrome |
|
| Vendors & Products |
Google
Google chrome |
Wed, 01 Jul 2026 12:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome Extension UI flaw permits arbitrary script and HTML injection | |
| Weaknesses | CWE-79 |
Wed, 01 Jul 2026 01:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Chrome Extension UI flaw permits arbitrary script and HTML injection | |
| Weaknesses | CWE-79 |
Tue, 30 Jun 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Incorrect security UI in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Medium) | |
| References |
|
Status: PUBLISHED
Assigner: Chrome
Published: 2026-06-30T22:38:35.513Z
Updated: 2026-07-01T19:38:27.717Z
Reserved: 2026-06-29T23:04:01.496Z
Link: CVE-2026-13957
Updated: 2026-07-01T19:38:22.670Z
No data.
No data.