CVE-2025-13992
CVE-2025-13992
In short
A flaw in Google Chrome allowed attackers to bypass site isolation protections by crafting a malicious webpage, potentially exposing data from other websites you visit.
Technical detail
A side-channel vulnerability in Chrome's navigation and loading mechanism prior to version 139.0.7258.66 enables remote attackers to circumvent site isolation security boundaries through a crafted HTML page, leading to unauthorized cross-site information disclosure.
Summary generated and translated by AI from the official description.
Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Affected products
Google · ChromeWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →