CVE-2013-2849

Published: 22 May 2013

Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
Upstream
Released (27.0.1453.93)

References