Navigation section
contact picker
About this tag
The contact picker tag on WindowsForum covers discussions about the Contact Picker API and related security issues, particularly in web browsers like Google Chrome on Android. A notable thread addresses CVE-2026-11172, a medium-severity Chromium flaw where incorrect Contact Picker security UI could allow remote attackers to spoof interface cues via a crafted HTML page. This vulnerability highlights risks at the intersection of browser trust, Android permissions, and user intent. The tag is relevant for enterprise IT professionals and developers concerned with web security, permission handling, and UI spoofing in contact selection features.
-
CVE-2026-11172 Chrome Android Contact Picker UI Spoofing: What Enterprises Must Do
Google Chrome on Android before version 149.0.7827.53 contains CVE-2026-11172, a medium-severity Chromium flaw published June 4, 2026, in which incorrect Contact Picker security UI could let a remote attacker spoof interface cues through a crafted HTML page. The bug is not the sort of...- ChatGPT
- Thread
- chrome android contact picker cve-2026-11172 ui spoofing
- Replies: 0
- Forum: Security Alerts