|Category:||Web application abuses|
|Title:||Google Chrome RSS Or Atom Feed Cross-Site Scripting Vulnerability|
|Summary:||Check for the version of Google Chrome|
Overview: This host is installed with Google Chrome and is prone to Cross-Site
An XSS vulnerability exists when the application fails to handle 'RSS' and 'Atom'
feed, related to the rendering of the application/rss+xml content type as
Successful exploitation will allow remote attackers to inject arbitrary web
script or HTML on the victim's system.
Impact Level: Application
Google Chrome version 2.x and 3.x before 220.127.116.11 on Windows.
Fix: Upgrade to Google Chrom version 18.104.22.168 or later
BugTraq ID: 36416|
Common Vulnerability Exposure (CVE) ID: CVE-2009-3263
Bugtraq: 20090916 Exploiting Chrome and Opera's inbuilt ATOM/RSS reader with Script Execution and more (Google Search)
|Copyright||Copyright (C) 2009 SecPod|
|This is only one of 51507 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.