Impact
Chrome for iOS versions before 150.0.7871.47 contain an implementation flaw that lets a remote attacker trigger UI spoofing using a specially crafted HTML page. The attacker can cause the browser to display interface elements that appear legitimate, potentially misleading the user, but the flaw does not grant code execution or direct system compromise.
Affected Systems
All builds of Google Chrome on iOS up to and including version 150.0.7871.46 are affected. Versions 150.0.7871.47 and later contain the remediation.
Risk and Exploitability
The flaw is exploitable remotely via a malicious web page; no local privileges or additional conditions are required. Chromium classifies the issue as Medium severity, no EPSS data is available, and the vulnerability is not listed in the CISA KEV catalog.