CVE-2023-5487 (chrome)

Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

attacker bypass chrome chrome extension chromium cve extension google google chrome implementation install malicious medium navigation restrictions security severity