The flaw affects fully patched browsers on Windows, Linux and Mac systems, according to a posting on the Full Disclosure security mailing list.
Security experts noted that exploiting the flaw would require the user to type a fair amount of text. Attackers would therefore most likely target online games or blogs.
Although the flaw requires a sophisticated attacker to effectively exploit it, it is noteworthy because it spans multiple operating systems and browser vendors.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago