The host is installed with Google Chrome before 44.0.2403.89 and is prone to an universal XSS vulnerability. A flaw is present in the application, which fails to properly apply a certain V8 context restriction. Successful exploitation could allow attackers to inject arbitrary web script.