← Zuruck zu CVEs
CVE-2026-2345
LOW3.6
Beschreibung
Proctorio Chrome Extension is a browser extension used for online proctoring. The extension contains multiple window.addEventListener('message', ...) handlers that do not properly validate the origin of incoming messages. Specifically, an internal messaging bridge processes messages based solely on the presence of a fromWebsite property without verifying the event.origin attribute.
CVE Details
CVSS v3.1 Bewertung3.6
SchweregradLOW
CVSS VektorCVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
AngriffsvektorLOCAL
KomplexitatHIGH
Erforderliche PrivilegienNONE
BenutzerinteraktionREQUIRED
Veroffentlicht2/11/2026
Zuletzt geandert2/11/2026
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-346
Referenzen
https://www.hckrt.com/hacktivity/46b61f36-b685-4667-aebf-82a67ad69ad6(7004884b-51e2-48e8-b4a2-5ca29e80453e)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.