2 matches found
Chaturbate: Stored XSS in chat topic due to insecure emoticon parsing on any message type
Description The funcitonality for adding emoticons into the chat from the serverside perspective is based on a string in the following format: %%%emoticon NAME|EMOTICONURL|WIDTH|HEIGHT|REPORTURL%%% The EMOTICONURL must conform to the following regex: javascript...
pidgin: Heap-based buffer overflow in MXit emoticon parsing
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service segmentation fault via a crafted emoticon value, which triggers an integer overflow and a buffer overflow...