CVE-2009-3011

Google Chrome < 1.0.154.48 - XSS

Title source: rule

Description

Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta does not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequences in a data:text/html URI or (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Refresh header. NOTE: the JavaScript executes outside of the context of the HTTP site.

References (3)

[Exploit] http://websecurity.com.ua/3315/

[Exploit] http://websecurity.com.ua/3386/

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/52998

Scores

EPSS 0.0024

EPSS Percentile 47.4%

Classification

CWE

CWE-79

Status published

Affected Products (21)

google/chrome < 1.0.154.48

google/chrome

... and 6 more

Timeline

Published Aug 31, 2009

Tracked Since Feb 18, 2026