The host is installed with Google Chrome before 71.0.3578.80 and is prone to a cross-site scripting. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows attackers to have unspecified impact.