Endpoint Vulnerability

Security Vulnerability CVE-2013-2849 for Google Chrome

Description

Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste operation.

Affected Products

Google Chrome

References

CVE-2013-2849,