CVE-2011-1438 — Improper Input Validation in Google Chrome

Severity

7.5HIGHNVD

EPSS

1.0%

top 23.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMay 3

Latest updateMay 13

Description

Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs.

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

▶NVDgoogle/chrome< 11.0.696.57

GHSA

GHSA-5c49-gj3w-cp54: Google Chrome before 11↗2022-05-13

▶

Bugzilla

CVE-2011-3648 Mozilla: Universal XSS likely with MultiByte charset (MFSA 2011-47)↗2011-11-08

▶