CVE-2014-1747

2014-05-21T11:14:00
ID CVE-2014-1747
Type cve
Reporter cve@mitre.org
Modified 2017-12-29T02:29:00

Description

Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)."