Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 2022/10/25 2:40 p.m.5 views

Mozilla: Same-origin policy violation could have leaked cross-origin URLs

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a same-origin policy violation that could have allowed the theft of cross-origin URL entries, leaking the result of a redirect via performance.getEntries...

8.1CVSS7.3AI score0.00414EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/25 2:37 p.m.4 views

Mozilla: Same-origin policy violation could have leaked cross-origin URLs

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a same-origin policy violation that could have allowed the theft of cross-origin URL entries, leaking the result of a redirect via performance.getEntries...

8.1CVSS7.3AI score0.00414EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/01/12 10:26 a.m.3 views

Mozilla: Leaking cross-origin URLs through securitypolicyviolation event

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...

6.5CVSS7.3AI score0.00646EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.4 views

The vulnerability of Blink’s web page display mechanism in Google Chrome browser allows attackers to obtain URLs of cross-origin origins.

The vulnerability of Blink’s web page rendering mechanism in Google Chrome browsers is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to obtain cross-origin URLs through a specially created HTML page...

7.8CVSS7.1AI score0.01446EPSS
Exploits0References8Affected Software2
OSV
OSV
added 2018/11/14 3:29 p.m.3 views

UBUNTU-CVE-2018-17468

Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page...

6.5CVSS7.2AI score0.01446EPSS
Exploits0References2
CNVD
CNVD
added 2017/06/15 12:0 a.m.2 views

Microsoft Edge Information Disclosure Vulnerability (CNVD-2017-12109)

Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. An information disclosure vulnerability exists in Microsoft Edge. An attacker can exploit the vulnerability by tricking a user into viewing a specially crafted we...

4.3CVSS5.9AI score0.05253EPSS
Exploits0References1
Rows per page
Query Builder