What the vulnerability does

01Description

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

Key dates

02Disclosure timeline

April 2, 2025 CVE published
April 3, 2025 Record updated