6.1
CVSSv3

CVE-2016-5147

Published: 11/09/2016 Updated: 13/08/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Blink, as used in Google Chrome prior to 53.0.2785.89 on Windows and OS X and prior to 53.0.2785.92 on Linux, mishandles deferred page loads, which allows remote malicious users to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)."

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

Vendor Advisories

Blink, as used in Google Chrome, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)" ...
Blink, as used in Google Chrome before 530278589 on Windows and OS X and before 530278592 on Linux, mishandles deferred page loads, which allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka "Universal XSS (UXSS)" ...
Several security issues were fixed in Oxide ...
Arch Linux Security Advisory ASA-201612-18 ========================================== Severity: Critical Date : 2016-12-17 CVE-ID : CVE-2016-5133 CVE-2016-5147 CVE-2016-5153 CVE-2016-5155 CVE-2016-5161 CVE-2016-5166 CVE-2016-5170 CVE-2016-5171 CVE-2016-5172 CVE-2016-5181 CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 C ...
Several vulnerabilities have been discovered in the chromium web browser CVE-2016-5147 A cross-site scripting issue was discovered CVE-2016-5148 Another cross-site scripting issue was discovered CVE-2016-5149 Max Justicz discovered a script injection issue in extension handling CVE-2016-5150 A use-after-free issue was discovere ...

Recent Articles

Chrome 53 Fixes Address Spoofing Vulnerability, 32 Other Bugs
Threatpost • Chris Brook • 01 Sep 2016

Google continued its onslaught of summer Chrome patches Wednesday when it pushed out version 53 of the browser, fixing 33 bugs, half of which were rated “high” severity by the company.
Google paid at least $56,500 in rewards to researchers who discovered vulnerabilities in the browser this time through. The company is still determining how much to award several researchers who found bugs, while two vulnerabilities marked Wednesday were ultimately not applicable to the company’s...