CVE-2013-2849

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2013-2849
Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
https://code.google.com/p/chromium/issues/detail?id=171392
http://www.debian.org/security/2013/dsa-2695
http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16753
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:google:chrome:27.0.1453.77:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.74:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.61:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.62:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.34:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.11:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.47:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.81:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.54:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.41:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.10:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.42:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.59:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.7:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.70:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.69:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.51:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.6:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.38:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.65:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.56:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.71:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.84:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.57:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.58:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.68:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.73:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.35:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.86:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.76:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.4:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.37:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.89:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.52:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.88:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.90:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.13:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.9:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.44:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.78:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.40:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.3:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.85:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.43:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.49:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.80:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.87:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.64:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.67:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.45:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.55:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.82:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.75:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.46:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.83:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.72:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.15:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.60:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.50:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.63:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.8:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.66:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.79:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.5:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:27.0.1453.12:*:*:*:*:*:*:*
History

07 Nov 2023, 02:15

Type Values Removed Values Added
References (CONFIRM) https://code.google.com/p/chromium/issues/detail?id=171392 - Vendor Advisory () https://code.google.com/p/chromium/issues/detail?id=171392 -
References (DEBIAN) http://www.debian.org/security/2013/dsa-2695 - () http://www.debian.org/security/2013/dsa-2695 -
References (CONFIRM) http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html - Vendor Advisory () http://googlechromereleases.blogspot.com/2013/05/stable-channel-release.html -
Information

Published : 2013-05-22 13:29

Updated : 2023-11-07 02:15

NVD link : CVE-2013-2849

Mitre link : CVE-2013-2849

JSON object : View

Products Affected

google

  • chrome
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')