Google : Security vulnerabilities, CVEs xss, cross site scripting published in May 2014

CVE-2014-1747

Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)."

Max CVSS

4.3

EPSS Score

0.31%

Published

2014-05-21

Updated

2017-12-29

CVE-2014-0362

Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inject arbitrary web script or HTML via input included in a SCRIPT element.

Max CVSS

4.3

EPSS Score

0.07%

Published

2014-05-08

Updated

2019-07-18

2 vulnerabilities found

Google : Security Vulnerabilities, CVEs, Published In May 2014 (XSS)

CVE-2014-1747

CVE-2014-0362