Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Chrome |
Google |
* |
63.0.3239.84 (excluding) |
References