Google : Security Vulnerabilities, CVEs, Published In January 2014 (XSS)
Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors involving the document.write method.
Max CVSS
4.3
EPSS Score
0.13%
Published
2014-01-05
Updated
2014-01-07
1 vulnerabilities found