CVE-2013-6656

2014-02-24T04:48:00
ID CVE-2013-6656
Type cve
Reporter cve@mitre.org
Modified 2014-04-01T06:26:00

Description

The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting page instead of the body of a redirect target, which allows remote attackers to obtain sensitive information via unspecified vectors.