| Revision Date: | 2014-04-21 | Version: | 29 |
| Title: | A cross-site scripting issue in events |
| Description: | The GenerateFunction function in bindings/scripts/code_generator_v8.pm in Blink, as used in Google Chrome before 33.0.1750.149, does not implement a certain cross-origin restriction for the EventTarget::dispatchEvent function, which allows remote attackers to conduct Universal XSS (UXSS) attacks via vectors involving events. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2014-1701
|
| Platform(s): | Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Google Chrome
|
| Definition Synopsis |
| Google Chrome is installed AND Check if the version of Google Chrome is less than 33.0.1750.149
|