Описание
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 33.0.1750.152-0ubuntu1~pkg995.1 |
| lucid | ignored | end of life |
| precise | released | 33.0.1750.152-0ubuntu0.12.04.1~pkg879.1 |
| quantal | released | 33.0.1750.152-0ubuntu0.12.10.1~pkg895.1 |
| saucy | released | 33.0.1750.152-0ubuntu0.13.10.1~pkg984.1 |
| upstream | released | 33.0.1750.117 |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors.
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in th ...
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors.
EPSS
5 Medium
CVSS2