CVE-2016-5148 in Chromeinfo

Summary

Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka "Universal XSS (UXSS)."

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

05/31/2016

Disclosure

09/11/2016

Entries

1: VDB-91052

CPE

ready

CVSS

6.1

EPSS

0.00567

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2016-5148
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2016-5148
CVE Detailshttps://www.cvedetails.com/cve/CVE-2016-5148/

PreviousOverviewNext