Lucene search
MitreCVELIST:CVE-2018-20524HistoryOct 03, 2022 - 4:22 p.m.
CVE-2018-20524
2022-10-0316:22:06
mitre
www.cve.org
chrome
xss
content security policy
0.001 Low
EPSS
Percentile
34.2%
The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted use of <<a> in a message, because a danmuWrapper DIV element in chatbox-only\danmu.js is outside the scope of a Content Security Policy (CSP).
Related
prion
prion
Code injection
2018-12-27 18:29:00
nvd
nvd
CVE-2018-20524
2018-12-27 18:29:00
cve
cve
CVE-2018-20524
2022-10-03 16:22:06