PT-2013-3970 · Google · Google Chrome
Published
2013-05-21
·
Updated
2017-09-19
·
CVE-2013-2849
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Google Chrome versions prior to 27.0.1453.93
Description
The issue involves multiple cross-site scripting (XSS) vulnerabilities that allow user-assisted remote attackers to inject arbitrary web script or HTML. This can be achieved through vectors involving drag-and-drop or copy-and-paste operations.
Recommendations
For versions prior to 27.0.1453.93, update to version 27.0.1453.93 or later to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Google Chrome