{"cveID":"CVE-2023-1234","nvdData":{"configurations":{"CVE_data_version":"4.0","nodes":[{"children":[{"children":[],"cpe_match":[{"cpe23Uri":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","cpe_name":[],"versionEndExcluding":"111.0.5563.64","vulnerable":true}],"operator":"OR"},{"children":[],"cpe_match":[{"cpe23Uri":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","cpe_name":[],"vulnerable":false}],"operator":"OR"}],"cpe_match":[],"operator":"AND"}]},"cve":{"CVE_data_meta":{"ASSIGNER":"chrome-cve-admin@google.com","ID":"CVE-2023-1234"},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"en","value":"Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}]},"references":{"reference_data":[{"name":"https://crbug.com/1404621","refsource":"MISC","tags":["Permissions Required"],"url":"https://crbug.com/1404621"},{"name":"https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html","refsource":"MISC","tags":["Release Notes"],"url":"https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html"}]}},"impact":{"baseMetricV3":{"cvssV3":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","version":"3.1"},"exploitabilityScore":2.8,"impactScore":1.4}},"lastModifiedDate":"2023-03-10T20:22Z","publishedDate":"2023-03-07T22:15Z"}}