vulnerability

Microsoft Edge Chromium: CVE-2022-1872 Insufficient policy enforcement in Extensions API

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Jun 1, 2022
Added
Jun 1, 2022
Modified
Jan 28, 2025

Description

Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.

Solution

microsoft-edge-upgrade-latest
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.