Google : Security Vulnerabilities, CVEs, Published In May 2014 (XSS)
Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)."
Max CVSS
4.3
EPSS Score
0.31%
Published
2014-05-21
Updated
2017-12-29
Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.
Max CVSS
4.3
EPSS Score
0.07%
Published
2014-05-08
Updated
2019-07-18
2 vulnerabilities found