Oliver Dunk

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 104.0.5112.79 Microsoft Edge (affected versions not specified) **Description** The issue is related to insufficient validation of untrusted input in the Settings of Google Chrome and Microsoft Edge browsers. This could allow a remote attacker to disclose protected information by injecting scripts or HTML into a privileged page via a crafted HTML page, if a user is convinced to install a malicious extension. **Recommendations** For Google Chrome versions prior to 104.0.5112.79, update to version 104.0.5112.79 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.