CVE 2010-1503
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome:
See the
CVE page on Mitre.org
for more details.