CVE-2011-3058 — Cross-site Scripting in Google Chrome

CWE-79 — Cross-site Scripting2 documents2 sources

Severity

4.3MEDIUMNVD

EPSS

0.8%

top 26.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS Apple MAC OS X Google Chrome

Timeline

PublishedMar 30

Latest updateMay 13

Description

Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

▶NVDgoogle/chrome< 18.0.1025.142

▶NVDapple/mac_os_x< 10.8.3

▶NVDapple/iphone_os< 6.0.1

🔴Vulnerability Details

GHSA

GHSA-rhc9-v6vp-9wxm: Google Chrome before 18↗2022-05-13

▶