Arbitrary File Download Vulnerability in Google Chrome (CVE-2018-6177)

Arbitrary File Download Vulnerability in Google Chrome (CVE-2018-6177)

CVE-2018-16088 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page.

Learn more about our Cis Benchmark Audit For Google Chrome.