Cross-site scripting (XSS) vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS (UXSS)."
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2014-05-21T10:00:00
Updated: 2024-08-06T09:50:11.275Z
Reserved: 2014-01-29T00:00:00
Link: CVE-2014-1747
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-05-21T11:14:09.800
Modified: 2023-11-07T02:19:22.413
Link: CVE-2014-1747
Redhat
No data.