Google · Google Chrome · CVE-2020-6560
Name of the Vulnerable Software and Affected Versions:
Google Chrome versions prior to 85.0.4183.83
Description:
The issue is insufficient policy enforcement in the autofill feature, which allows a remote attacker to leak cross-origin data via a crafted HTML page. This can lead to the exposure of confidential data. No information is provided about the estimated number of potentially affected devices or about real-world incidents in which this issue was exploited.
Recommendations:
Update Google Chrome to version 85.0.4183.83 or later to resolve the issue. As a temporary workaround, consider disabling the autofill feature until the update is installed. Restrict access to sensitive data when using older versions of Google Chrome to minimize the risk of exploitation.