System	Score	Found at
epss	0.01311	https://api.first.org/data/v1/epss?cve=CVE-2017-2528
epss	0.01311	https://api.first.org/data/v1/epss?cve=CVE-2017-2528
epss	0.01311	https://api.first.org/data/v1/epss?cve=CVE-2017-2528
epss	0.01311	https://api.first.org/data/v1/epss?cve=CVE-2017-2528
epss	0.01311	https://api.first.org/data/v1/epss?cve=CVE-2017-2528
epss	0.01311	https://api.first.org/data/v1/epss?cve=CVE-2017-2528
epss	0.01311	https://api.first.org/data/v1/epss?cve=CVE-2017-2528
epss	0.01311	https://api.first.org/data/v1/epss?cve=CVE-2017-2528
epss	0.01311	https://api.first.org/data/v1/epss?cve=CVE-2017-2528

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2017-2528
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2528
CVE-2017-2528	Exploit	https://bugs.chromium.org/p/project-zero/issues/detail?id=1176
CVE-2017-2528	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/42105.html
GLSA-201706-15		https://security.gentoo.org/glsa/201706-15

Data source	Exploit-DB
Date added	June 1, 2017
Description	WebKit - CachedFrame does not Detach Openers Universal Cross-Site Scripting
Ransomware campaign use	Known
Source publication date	June 1, 2017
Exploit type	webapps
Platform	multiple
Source update date	June 1, 2017
Source URL	https://bugs.chromium.org/p/project-zero/issues/detail?id=1176

There are no known vectors.

Percentile	0.79753
EPSS Score	0.01311
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:58:44.111225+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201706-15	38.0.0