5836 matches found
CVE-2022-1494
Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page...
Input validation
Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...
Input validation
Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page...
Input validation
Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page...
CVE-2022-1500
Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page...
CVE-2022-1500
Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page...
CVE-2022-1500
Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page...
CVE-2022-1500
CVE-2022-1500 affects Google Chrome/Chromium Dev Tools. The root cause is insufficient data validation in Dev Tools that allows a remote attacker to bypass the Content Security Policy through a crafted HTML page. Documented impact is CSP bypass with network-remote vector, supported by CVSS data: ...
CVE-2022-1500
Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page...
CVE-2022-1500
Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page...
CVE-2022-1494
Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page...
CVE-2022-1494
CVE-2022-1494 affects Google Chrome/Chromium with insufficient data validation in Trusted Types, enabling a remote attacker to bypass the trusted types policy via a crafted HTML page. The issue is tied to Chrome/Chromium components and was addressed in the 101.0.4951.41 stable release for Windows...
CVE-2022-1494
Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page...
CVE-2022-1494
Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page...
CVE-2022-1492
Summary: CVE-2022-1492 corresponds to a Chrome/Blink vulnerability described as insufficient data validation in Blink Editing that could allow a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page. The issue affects Google Chrome’s Blink Editing path and is associated with...
CVE-2022-1492
Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...
CVE-2022-1492
Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...
CVE-2022-1492
Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...
WordPress Testimonials plugin跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Testimonials plugin is vulnerable to a cross-site scripting vulnerability that stems from t...
CVE-2022-35872
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition 8.1.15 b2022030114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...