Public CVE-2011-1814 disclosure

Google Chrome before 12.0.742.91 allows remote attackers to inject script into a tab page via vectors related to extensions.