CVE-2018-6109

CVE-2018-6109

readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page.

Source: CVE-2018-6109

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다