← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-38000 — Actively Exploited: Chromium Intents (Google)

Google Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Oper

CVE IDCVE-2021-38000
VendorGoogle
ProductChromium Intents
Vulnerability nameGoogle Chromium Intents Improper Input Validation Vulnerability
Date added2021-11-03
Remediation due2021-11-17
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionGoogle Chromium Intents contains an improper input validation vulnerability that allows a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →