The host is installed with Google Chrome before 15.0.874.102 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to sanitize user supplied input. Successful exploitation could allow attackers to inject arbitrary code.