Universal XSS (UXSS) Vulnerability in Google Chrome Extension Subsystem
CVE-2011-3046 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
Learn more about our Cis Benchmark Audit For Google Chrome.