CVE-2012-2886Cross-site Scripting in Google Chrome

CWE-79Cross-site Scripting2 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 50.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeOpensuse
Timeline
PublishedSep 26
Latest updateMay 14

Description

Cross-site scripting (XSS) vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors related to the Google V8 bindings, aka "Universal XSS (UXSS)."

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDgoogle/chrome22.0.1229.78+52
NVDopensuse/opensuse12.1, 12.2+1

🔴Vulnerability Details

1
GHSA
GHSA-j4mv-crqr-wwhj: Cross-site scripting (XSS) vulnerability in Google Chrome before 222022-05-14
CVE-2012-2886 — Cross-site Scripting in Google Chrome | cvebase