CVE-2013-5129

CVE-2013-5129 affects WebKit in Apple iOS prior to 7. It describes two user-assisted XSS vectors: (1) drag-and-drop and (2) copy-and-paste, allowing an attacker to inject arbitrary script/HTML via data handled by WebKit. The vulnerability arises from how WebKit processes dragged/pasted content an...

Debian DSA-2695-1 : chromium-browser - several issues

Several vulnerabilities have been discovered in the Chromium web browser. Multiple use-after-free, out-of-bounds read, memory safety, and cross-site scripting issues were discovered and corrected. - CVE-2013-2837 Use-after-free vulnerability in the SVG implementation allows remote attackers to...

Code injection

Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site...

Cross site scripting

Cross-site scripting XSS vulnerability in WebKit in Apple iOS before 6.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted content that is not properly handled during a copy-and-paste operation...