CVE-2022-4910: 
Google Chrome vulnerability analysis and mitigation

An inappropriate implementation in the Autofill feature of Google Chrome versions prior to 107.0.5304.62 allowed remote attackers to bypass navigation restrictions through a crafted HTML page. The vulnerability was reported by Alesandro Ortiz on December 13, 2021, and was assigned a Medium severity rating by the Chromium security team (Chrome Release).

The vulnerability has been assigned a CVSS v3.1 base score of 5.4 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N. This indicates that the vulnerability can be exploited remotely, requires low attack complexity, needs no privileges, but does require user interaction. The scope is unchanged, with low impact on both confidentiality and integrity, and no impact on availability (NVD).

The vulnerability could allow attackers to bypass navigation restrictions in Google Chrome when a user interacts with a specially crafted HTML page. This could potentially lead to information disclosure and integrity issues, though both are rated as low impact according to the CVSS scoring (NVD).

The vulnerability was fixed in Google Chrome version 107.0.5304.62 and later versions. Users are advised to update their Chrome browsers to the latest version to protect against this vulnerability. The fix was included as part of a broader security update that addressed multiple vulnerabilities (Chrome Release).