Redhat » Enterprise Linux Server : Security Vulnerabilities, CVEs, Published In 2017 (XSS)
Incorrect MIME type of XSS-Protection reports in Blink in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac, and 58.0.3029.83 for Android, allowed a remote attacker to circumvent Cross-Origin Resource Sharing checks via a crafted HTML page.
Max CVSS
6.1
EPSS Score
0.33%
Published
2017-10-27
Updated
2022-04-06
XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page.
Max CVSS
6.1
EPSS Score
0.34%
Published
2017-04-24
Updated
2022-04-22
2 vulnerabilities found