Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/06/01 11:24 a.m.36 views

CVE-2026-9309 Arbitrary JavaScript execution in internal pages via Reader View JSON-LD injection

Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...

0.00157EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/01 11:24 a.m.14 views

EUVD-2026-33630

Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...

5.4CVSS6AI score0.00157EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/01 11:24 a.m.10 views

CVE-2026-9309

Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...

5.4CVSS6AI score0.00157EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 11:24 a.m.9 views

CVE-2026-9308

Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...

5.4CVSS5.9AI score0.00157EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/01 11:24 a.m.10 views

EUVD-2026-33629

Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...

5.4CVSS5.9AI score0.00157EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/01 11:24 a.m.10 views

CVE-2026-9308

Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. This vulnerability was...

5.4CVSS5.9AI score0.00157EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Mozilla Firefox for iOS 安全漏洞

Mozilla Firefox for iOS is a web browser designed for iOS devices by the Mozilla Foundation in the United States. Versions of Mozilla Firefox for iOS prior to 151.2 contained a security vulnerability. This vulnerability stemmed from Reader View replacing the page content in the HTML template befo...

5.4CVSS5.5AI score0.00157EPSS
Exploits0References2
ICS
ICS
added 2022/08/30 12:0 a.m.40 views

Honeywell ControlEdge

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Honeywell Equipment: ControlEdge Vulnerability: Missing Authentication for Critical Function CISA is aware of a public report known as “OT:ICEFALL” that details vulnerabilities found in multiple...

9.8CVSS10AI score0.01395EPSS
Exploits0References5
Rows per page
Query Builder