Adobe Acrobat Pdf Extension Chrome
Monthly
Universal cross-site scripting (UXSS) in Adobe Acrobat PDF Extension for Chrome (versions 26.5.2.2 and earlier) allows remote attackers to disclose cross-origin session data when a victim visits a malicious URL or interacts with a compromised page. The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N indicates high confidentiality impact across security boundaries, and no public exploit identified at time of analysis. The flaw is browser-extension scoped, so impact is limited to users who have installed this Chrome extension.
Universal cross-site scripting (UXSS) in Adobe Acrobat PDF Extension for Chrome (versions 26.5.2.2 and earlier) allows remote attackers to disclose cross-origin session data when a victim visits a malicious URL or interacts with a compromised page. The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N indicates high confidentiality impact across security boundaries, and no public exploit identified at time of analysis. The flaw is browser-extension scoped, so impact is limited to users who have installed this Chrome extension.