CVE-2012-4905
Google Chrome <18.0.1025308 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universal XSS (UXSS)."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Artem Chaykin · textremoteandroid
https://www.exploit-db.com/exploits/37792
Scores
EPSS
0.0085
EPSS Percentile
74.7%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
google/chrome
< 18.0.1025306
n/a/n/a
Timeline
Published
Sep 13, 2012
Tracked Since
Feb 18, 2026