Lucene search

MitreCVELIST:CVE-2012-4904

HistorySep 13, 2012 - 8:00 p.m.

CVE-2012-4904

2012-09-1320:00:00

mitre

www.cve.org

cross-application scripting

google chrome

android

remote attackers

web script

universal xss

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

44.6%

JSON

Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by “Universal XSS (UXSS)” attacks against the current tab.

References

googlechromereleases.blogspot.com/2012/09/chrome-for-android-update.html

code.google.com/p/chromium/issues/detail?id=138035