CVE-2010-2301

Google Chrome < 5.0.375.70 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762.

References (8)

Scores

EPSS 0.0050
EPSS Percentile 65.7%

Classification

CWE
CWE-79
Status published

Affected Products (8)

google/chrome < 5.0.375.70
opensuse/opensuse
opensuse/opensuse
suse/suse_linux_enterprise_desktop
suse/suse_linux_enterprise_desktop
suse/suse_linux_enterprise_server
suse/suse_linux_enterprise_server
n/a/n/a

Timeline

Published Jun 15, 2010
Tracked Since Feb 18, 2026