Takashi Yoneuchi

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 89.0.4389.72 **Description** The issue is related to an inappropriate implementation in performance APIs, allowing a remote attacker to leak cross-origin data via a crafted HTML page. This could potentially give access to confidential information. **Recommendations** For Google Chrome versions prior to 89.0.4389.72, update to version 89.0.4389.72 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 80.0.3987.87 **Description** The issue is related to the inappropriate implementation of the CORS mechanism in Google Chrome, which is caused by insufficient input validation. This can be exploited by a remote attacker using a specially crafted HTML page to gain unauthorized access to information, potentially leading to the leakage of cross-origin data. **Recommendations** For versions prior to 80.0.3987.87, update to version 80.0.3987.87 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** GROWI versions 3.2.3 and earlier **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML. **Recommendations** For versions 3.2.3 and earlier, update to a version later than 3.2.3 to resolve the issue.