CVE-2015-1285
NONE—CVSS v3
5.0CVSS v2
1.11%
EPSS (exploit probability)
CWE-200CWE
Description
The XSSAuditor::canonicalize function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 44.0.2403.89, does not properly choose a truncation point, which makes it easier for remote attackers to obtain sensitive information via an unspecified linear-time attack.
Affected routers (1)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch? |
|---|---|---|---|---|---|
| Ubiquiti | Ubiquiti EdgeRouter X | — |
— | — | No |