CVE-2024-9965

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 130.0.6723.58 Microsoft Edge (affected versions not specified)

Description The issue is related to insufficient data validation in DevTools, allowing a remote attacker to execute arbitrary code via a crafted HTML page by convincing a user to perform specific UI gestures. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited. Technical details include the exploitation of the vulnerability through a manipulated HTML page, but specific API endpoints, vulnerable parameters, or function names are not mentioned.

Recommendations For Google Chrome versions prior to 130.0.6723.58, update to version 130.0.6723.58 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.