Описание
Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)."
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 35.0.1916.153-0ubuntu1~pkg1029 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [36.0.1985.125-0ubuntu1.14.04.0~pkg1029]] |
| lucid | ignored | end of life |
| precise | released | 36.0.1985.125-0ubuntu1.12.04.0~pkg897 |
| saucy | ignored | end of life |
| trusty | released | 36.0.1985.125-0ubuntu1.14.04.0~pkg1029 |
| trusty/esm | DNE | trusty was released [36.0.1985.125-0ubuntu1.14.04.0~pkg1029] |
| upstream | released | 35.0.1916.114 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| lucid | DNE | |
| precise | DNE | |
| saucy | DNE | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | not-affected |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)."
Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeC ...
Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)."
Уязвимость браузера Google Chrome, позволяющая злоумышленнику внедрить произвольный веб-сценарий или HTML-код
EPSS
4.3 Medium
CVSS2