CVE-2010-2301
Description
Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cross-site scripting vulnerability in WebKit's innerHTML handling of TEXTAREA elements allows arbitrary script injection in Chrome before 5.0.375.70.
Vulnerability
A cross-site scripting (XSS) vulnerability exists in WebCore's editing/markup.cpp within WebKit, affecting Google Chrome prior to version 5.0.375.70. The flaw occurs in the appendStartMarkup function when processing TEXTAREA elements. When the node.innerHTML property of a TEXTAREA is read, the characters inside are not properly HTML-entity encoded, allowing an attacker to inject arbitrary HTML or script. This issue is tracked in WebKit bug 38922 [1] and may overlap with CVE-2010-1762.
Exploitation
An attacker can craft a web page containing a TEXTAREA element with malicious content, such as `. When the page's JavaScript reads the innerHTML of that TEXTAREA, the injected markup is decompiled without proper escaping, causing the script to execute. No authentication or special network position is required; the victim only needs to visit the malicious page or view content that triggers the innerHTML` read [1].
Impact
Successful exploitation allows an attacker to execute arbitrary script in the context of the affected origin. This can lead to data theft, session hijacking, defacement, or other malicious actions typically associated with stored or reflected XSS. The attack runs with the privileges of the user's browser session [1].
Mitigation
The vulnerability is fixed in Google Chrome version 5.0.375.70 and later. Users should update their browser to the latest version. The WebKit project committed a patch that HTML-entity encodes the output for TEXTAREA elements. Other WebKit-based browsers (e.g., Safari) should apply the corresponding vendor patches. No workaround is available other than upgrading [1].
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
8cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:10:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- bugs.webkit.org/show_bug.cginvdExploitPatchThird Party Advisory
- code.google.com/p/chromium/issues/detailnvdVendor Advisory
- googlechromereleases.blogspot.com/2010/06/stable-channel-update.htmlnvdRelease NotesVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/40072nvdThird Party Advisory
- secunia.com/advisories/43068nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11861nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0212nvdPermissions Required
News mentions
0No linked articles in our index yet.