Cross-Site Scripting (XSS) Vulnerabilities in Google Chrome: Drag-and-Drop and Copy-and-Paste Vector Injection

Cross-Site Scripting (XSS) Vulnerabilities in Google Chrome: Drag-and-Drop and Copy-and-Paste Vector Injection

CVE-2013-2849 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.

Learn more about our Cis Benchmark Audit For Google Chrome.