Cross site scripting

2010-06-1518:00:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.4%

JSON

Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762.

CPENameOperatorVersion
chromelt5.0.375.70
opensuseeq11.2
opensuseeq11.3
suse_linux_enterprise_desktopeq11 sp1
suse_linux_enterprise_desktopeq10 sp3
suse_linux_enterprise_servereq11 sp1
suse_linux_enterprise_servereq10 sp3

Name	Operator	Version
chrome	lt	5.0.375.70
opensuse	eq	11.2
opensuse	eq	11.3
suse_linux_enterprise_desktop	eq	11 sp1
suse_linux_enterprise_desktop	eq	10 sp3
suse_linux_enterprise_server	eq	11 sp1
suse_linux_enterprise_server	eq	10 sp3