Medium severity6.5NVD Advisory· Published Jan 9, 2019· Updated Jun 17, 2026
CVE-2018-16088
CVE-2018-16088
Description
A missing check for JS-simulated input events in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to download arbitrary files with no user input via a crafted HTML page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.