A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged...
7.8CVSS
7.4AI Score
0.001EPSS
A cross-site scripting (XSS) vulnerability exists in the Origin Client for Mac and PC 10.5.86 or earlier that could allow a remote attacker to execute arbitrary Javascript in a target userβs Origin client. An attacker could use this vulnerability to access sensitive data related to the target...
5.4CVSS
5.4AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
7.8CVSS
7.7AI Score
0.0004EPSS
In uBlock before 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open...
9CVSS
9.1AI Score
0.006EPSS
The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication...
7.8CVSS
8.2AI Score
0.492EPSS