VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-7mu4-f7w4-qyh9

Essentials
Severities (20)
References (15)
Severity details (3)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-7mu4-f7w4-qyh9
Aliases	CVE-2023-7282
Summary	Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)
Status	Published
Exploitability	0.5
Weighted Severity	3.9
Risk	1.9
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
epss	0.00048	https://api.first.org/data/v1/epss?cve=CVE-2023-7282
cvssv3.1	4.3	https://issues.chromium.org/issues/40056040
ssvc	Track	https://issues.chromium.org/issues/40056040
cvssv3.1	4.3	https://nvd.nist.gov/vuln/detail/CVE-2023-7282

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2023-7282
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2459
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2460
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2461
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2462
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2463
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2464
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2465
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2466
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2467
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2468
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-7282
40056040		https://issues.chromium.org/issues/40056040
cpe:2.3:a:google:chrome::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
CVE-2023-7282		https://nvd.nist.gov/vuln/detail/CVE-2023-7282

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://issues.chromium.org/issues/40056040

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:49:55Z/ Found at https://issues.chromium.org/issues/40056040

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-7282

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.14851
EPSS Score	0.00048
Published At	Aug. 2, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T09:37:27.482637+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2023/7xxx/CVE-2023-7282.json	37.0.0