There isn't enough information to go on in this report.  What exactly is the attached file supposed to demonstrate?  Please provide steps to reproduce.

Note that in general XSS vulnerabilities are in web sites.  This is the issue tracker for the chromium browser, and is unlikely to be the correct place to report such an issue.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot