The extension subsystem in Google Chrome prior to 17.0.963.78 does not properly handle history navigation, which allows remote malicious users to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
opensuse opensuse 12.1 |
||
apple safari |
||
apple iphone os |