CVE-2015-1275

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 44.0.2403.89

Description The issue is related to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via a crafted intent URL. This can be achieved by appending a substring such as alert(document.cookie);// to the URL. The vulnerability exists due to inadequate protection of the web page structure.

Recommendations For Google Chrome versions prior to 44.0.2403.89, update to version 44.0.2403.89 or later to resolve the issue. As a temporary workaround, consider restricting the use of intent URLs to minimize the risk of exploitation. Avoid using crafted intent URLs that may trigger the vulnerability until the issue is resolved.