6 matches found
Improper URL Parsing
Browser-Use is vulnerable to Improper URL parsing. The vulnerability is due to mishandled handling of alloweddomains when userinfo is included in the authority component within the isurlallowed method, which allows attackers to bypass domain restrictions...
GitLab Authorization Issues Vulnerability (CNVD-2020-12719)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. An authorization issue vulnerability exists in GitLab...
GitLab: Bypass Email Verification using Salesforce -- Reproducible in gitlab.com
Summary The salesforce login integration allows attacker to bypass email verification -- user is able to signup with any email domain they want, effectively bypass all email domain whitelist/blacklist restriction or any other 3rd party using gitlab instance's email address. It is possible because...
Mozilla Firefox WebExtension Domain Restriction Bypass Vulnerability
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Firefox ESR is an extended support version of Firefox. A security vulnerability exists in Mozilla Firefox versions prior to 63 and Firefox ESR versions prior to 60.3. A remote attacker can exploit this...
BlackBerry Cross Origin Bypass
0000000000000000000000000000000000 000000000000000000000 00000000000000000000000000000000000 0000000000000000 00000000000000000000000000000000 + BlackBerry Browser Cross Origin Bypass + Author : 599eme Man + Contact : [email protected]...
Internet Explorer History Index Script Injection (MS09-019; CVE-2009-1140)
Microsoft Internet Explorer is the most widely used Internet browser. An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer caches data and incorrectly allows the cached content to be called, potentially...