VYPR
Unrated severityNVD Advisory· Published Jul 23, 2015· Updated Jun 17, 2026

CVE-2015-1275

CVE-2015-1275

Description

Cross-site scripting (XSS) vulnerability in org/chromium/chrome/browser/UrlUtilities.java in Google Chrome before 44.0.2403.89 on Android allows remote attackers to inject arbitrary web script or HTML via a crafted intent: URL, as demonstrated by a trailing alert(document.cookie);// substring, aka "Universal XSS (UXSS)."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Google/Chrome2 versions
    cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*range: <=43.0.2357.134
    • (no CPE)range: <44.0.2403.89
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.