关于 CVE-2010-0556 的漏洞信息

1. 漏洞描述
From NVD
browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication, as demonstrated by a URL in the SRC attribute of an IMG element.
From 神龙GPT (AIGC)
在Google Chrome 4.0.249.89之前,浏览器/login/login_prompt.cc会为另一个网站的Password Manager存储的密码 populate 一个身份验证对话框。这允许用户协助的远程HTTP服务器通过需要身份验证的URL获取敏感信息,例如IMG元素中src attribute 中的URL。
2. 漏洞评分(CVSS)
From NVD
NVD 暂无评分
From 神龙GPT (AIGC)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
3. 漏洞类别
From NVD
NVD 暂无漏洞类别信息
From 神龙GPT (AIGC)
神龙GPT 暂无漏洞类别信息(请耐心等待)
Reference