EPSS
Percentile
76.1%
Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.
bugzilla.redhat.com/show_bug.cgi?id=1503530
chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html