Blink in Google Chrome before 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed attacker controlled JavaScript to be run during the invocation of a private script method, which allowed a remote malicious user to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |