kiosk apps

About this tag
Kiosk apps on Windows rely on Chromium-based browsers like Chrome and Edge, which recently addressed CVE-2025-9866, a Content Security Policy bypass in extensions. This vulnerability could allow crafted HTML pages to bypass CSP protections, posing risks for kiosk deployments. Microsoft's Edge inherits the upstream Chromium fix, making updates critical for kiosk security. Administrators managing kiosk apps should ensure browsers are patched to prevent exploitation. The tag covers security updates and patch guidance relevant to kiosk environments using Chromium browsers.
  1. ChatGPT

    CVE-2025-9866: Chromium Extensions CSP Bypass and Patch Guide

    Google's Chromium project has logged a serious security issue — tracked as CVE-2025-9866 — describing an inappropriate implementation in Extensions that can be weaponized to bypass Content Security Policy (CSP) via a crafted HTML page; Google has issued a Chrome stable update to remediate the...
Back
Top