This Security Advisory was delivered as a customer service announcement by Hanzo Host to help our customers
and friends keep their systems up-to-date against the latest vulnerabilities.

Security Advisory

Google Chrome Security Bypass and Cross-Site Scripting

Info:

Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

1. An error in the processing of RSS and Atom feeds can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
2. An error in the "getSVGDocument" method can be exploited to bypass the Same-Origin-Policy and execute arbitrary HTML and script code in a user's browser session in context of a site hosting an SVG document.

Solution:

Upgrade to the latest version of Chrome

If you have any questions please contact Support by raising a ticket via the Customer Portal

Many thanks!