First published: Fri Sep 18 2009(Updated: )
Cross-site scripting (XSS) vulnerability in Google Chrome 2.x and 3.x before 3.0.195.21 allows remote attackers to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as XML "active content."
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Google Chrome | =2.0.156.1 | |
Google Chrome | =2.0.157.0 | |
Google Chrome | =2.0.157.2 | |
Google Chrome | =2.0.158.0 | |
Google Chrome | =2.0.159.0 | |
Google Chrome | =2.0.169.0 | |
Google Chrome | =2.0.169.1 | |
Google Chrome | =2.0.170.0 | |
Google Chrome | =2.0.172 | |
Google Chrome | =2.0.172.2 | |
Google Chrome | =2.0.172.8 | |
Google Chrome | =2.0.172.27 | |
Google Chrome | =2.0.172.28 | |
Google Chrome | =2.0.172.30 | |
Google Chrome | =2.0.172.31 | |
Google Chrome | =2.0.172.33 | |
Google Chrome | =2.0.172.37 | |
Google Chrome | =2.0.172.38 | |
Google Chrome | =3.0.182.2 | |
Google Chrome | =3.0.190.2 | |
Google Chrome | =3.0.193.2-beta |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.