Cross-site scripting (XSS) vulnerability in the Developer Tools (aka DevTools) subsystem in Google Chrome prior to 53.0.2785.89 on Windows and OS X and prior to 53.0.2785.92 on Linux allows remote malicious users to inject arbitrary web script or HTML via the settings parameter in a chrome-devtools-frontend.appspot.com URL's query string.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
opensuse leap 42.1 |