The host is installed with Google Chrome before 17.0.963.78 or Apple Safari before 5.1.7 and is prone to Universal XSS (UXSS) vulnerability. A flaw is present in the application, which fails to properly handle history navigation. Successful exploitation allows remote attackers to execute arbitrary code.