{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T18:02:36.076","vulnerabilities":[{"cve":{"id":"CVE-2012-4904","sourceIdentifier":"cve@mitre.org","published":"2012-09-13T20:55:01.557","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by \"Universal XSS (UXSS)\" attacks against the current tab."},{"lang":"es","value":"Una vulnerabilidad de ejecución de scripts entre aplicaciones en Google Chrome antes de v18.0.1025308 para Android permite a atacantes remotos inyectar secuencias de comandos web a través de vectores no especificados, como se demostró con ataques \"Universal XSS (UXSS)\"  contra la pestaña actual.\r\n"}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndIncluding":"18.0.1025306","matchCriteriaId":"1AD304AD-1B29-435C-938E-DA4FCF886FEA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*","matchCriteriaId":"8255F035-04C8-4158-B301-82101711939C"}]}]}],"references":[{"url":"http://googlechromereleases.blogspot.com/2012/09/chrome-for-android-update.html","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://code.google.com/p/chromium/issues/detail?id=138035","source":"cve@mitre.org"},{"url":"http://googlechromereleases.blogspot.com/2012/09/chrome-for-android-update.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://code.google.com/p/chromium/issues/detail?id=138035","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}