6.4

CVE-2013-6657

core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version <= 33.0.1750.116
GoogleChrome Version33.0.1750.0
GoogleChrome Version33.0.1750.1
GoogleChrome Version33.0.1750.2
GoogleChrome Version33.0.1750.3
GoogleChrome Version33.0.1750.4
GoogleChrome Version33.0.1750.5
GoogleChrome Version33.0.1750.6
GoogleChrome Version33.0.1750.7
GoogleChrome Version33.0.1750.8
GoogleChrome Version33.0.1750.9
GoogleChrome Version33.0.1750.10
GoogleChrome Version33.0.1750.11
GoogleChrome Version33.0.1750.12
GoogleChrome Version33.0.1750.13
GoogleChrome Version33.0.1750.14
GoogleChrome Version33.0.1750.15
GoogleChrome Version33.0.1750.16
GoogleChrome Version33.0.1750.18
GoogleChrome Version33.0.1750.19
GoogleChrome Version33.0.1750.20
GoogleChrome Version33.0.1750.21
GoogleChrome Version33.0.1750.22
GoogleChrome Version33.0.1750.23
GoogleChrome Version33.0.1750.24
GoogleChrome Version33.0.1750.25
GoogleChrome Version33.0.1750.26
GoogleChrome Version33.0.1750.27
GoogleChrome Version33.0.1750.28
GoogleChrome Version33.0.1750.29
GoogleChrome Version33.0.1750.30
GoogleChrome Version33.0.1750.31
GoogleChrome Version33.0.1750.34
GoogleChrome Version33.0.1750.35
GoogleChrome Version33.0.1750.36
GoogleChrome Version33.0.1750.37
GoogleChrome Version33.0.1750.38
GoogleChrome Version33.0.1750.39
GoogleChrome Version33.0.1750.40
GoogleChrome Version33.0.1750.41
GoogleChrome Version33.0.1750.42
GoogleChrome Version33.0.1750.43
GoogleChrome Version33.0.1750.44
GoogleChrome Version33.0.1750.45
GoogleChrome Version33.0.1750.46
GoogleChrome Version33.0.1750.47
GoogleChrome Version33.0.1750.48
GoogleChrome Version33.0.1750.49
GoogleChrome Version33.0.1750.50
GoogleChrome Version33.0.1750.51
GoogleChrome Version33.0.1750.52
GoogleChrome Version33.0.1750.53
GoogleChrome Version33.0.1750.54
GoogleChrome Version33.0.1750.55
GoogleChrome Version33.0.1750.56
GoogleChrome Version33.0.1750.57
GoogleChrome Version33.0.1750.58
GoogleChrome Version33.0.1750.59
GoogleChrome Version33.0.1750.60
GoogleChrome Version33.0.1750.61
GoogleChrome Version33.0.1750.62
GoogleChrome Version33.0.1750.63
GoogleChrome Version33.0.1750.64
GoogleChrome Version33.0.1750.65
GoogleChrome Version33.0.1750.66
GoogleChrome Version33.0.1750.67
GoogleChrome Version33.0.1750.68
GoogleChrome Version33.0.1750.69
GoogleChrome Version33.0.1750.70
GoogleChrome Version33.0.1750.71
GoogleChrome Version33.0.1750.73
GoogleChrome Version33.0.1750.74
GoogleChrome Version33.0.1750.75
GoogleChrome Version33.0.1750.76
GoogleChrome Version33.0.1750.77
GoogleChrome Version33.0.1750.79
GoogleChrome Version33.0.1750.80
GoogleChrome Version33.0.1750.81
GoogleChrome Version33.0.1750.82
GoogleChrome Version33.0.1750.83
GoogleChrome Version33.0.1750.85
GoogleChrome Version33.0.1750.88
GoogleChrome Version33.0.1750.89
GoogleChrome Version33.0.1750.90
GoogleChrome Version33.0.1750.91
GoogleChrome Version33.0.1750.92
GoogleChrome Version33.0.1750.93
GoogleChrome Version33.0.1750.104
GoogleChrome Version33.0.1750.106
GoogleChrome Version33.0.1750.107
GoogleChrome Version33.0.1750.108
GoogleChrome Version33.0.1750.109
GoogleChrome Version33.0.1750.110
GoogleChrome Version33.0.1750.111
GoogleChrome Version33.0.1750.112
GoogleChrome Version33.0.1750.113
GoogleChrome Version33.0.1750.115
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.477
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.4 10 4.9
AV:N/AC:L/Au:N/C:P/I:P/A:N