CVE-2009-3263

Metadata

CVE-2009-3263
4.3
code.google.com, googlechromereleases.blogspot.com, securethoughts.com, securityfocus.com, securityfocus.com
2009-09-18
2017-06-06 20:21

Description

Cross-site scripting (XSS) vulnerability in Google Chrome 2.x and 3.x before 3.0.195.21 allows remote attackers to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as XML "active content."

Related Vulnerabilities

platform vulnerability
CVE-2009-3263 webkit
CVE-2009-3263 chromium-browser