Thomas Beverley

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 101.0.4951.41 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in the Extensions API, allowing an attacker to leak cross-origin data via a crafted Chrome Extension if a user is convinced to install a malicious extension. This could potentially lead to the disclosure of protected information or cause the program to crash unexpectedly. **Recommendations** For Google Chrome versions prior to 101.0.4951.41, update to version 101.0.4951.41 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.