Lucene search
K

31 matches found

Cvelist
Cvelist
added 2014/04/04 3:0 p.m.23 views

CVE-2014-0638

Cross-site scripting XSS vulnerability in RSA Adaptive Authentication On-Premise 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a "cross-frame scripting" issue...

5.6AI score0.00986EPSS
Exploits1References1
NVD
NVD
added 2013/12/21 2:22 p.m.16 views

CVE-2013-5407

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, related to a "frame injection" issue...

4.9CVSS5.7AI score0.00803EPSS
Exploits0References3
Prion
Prion
added 2013/12/19 10:55 p.m.17 views

Code injection

IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct clickjacking attacks via vectors involving FRAME elements...

4.3CVSS6.9AI score0.01803EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2013/08/08 12:0 a.m.65 views

Mozilla Thunderbird Multiple Vulnerabilities (Aug 2013) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

10CVSS9.7AI score0.40118EPSS
Exploits14References4
OpenVAS
OpenVAS
added 2013/08/08 12:0 a.m.43 views

Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2013) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

10CVSS9.7AI score0.40118EPSS
Exploits14References4
OpenVAS
OpenVAS
added 2013/08/08 12:0 a.m.32 views

Mozilla Thunderbird Multiple Vulnerabilities (Aug 2013) - Windows

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

10CVSS9.7AI score0.40118EPSS
Exploits14References4
RedHat Linux
RedHat Linux
added 2013/08/07 8:22 a.m.1 views

Mozilla: Document URI misrepresentation and masquerading (MFSA 2013-68)

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting XSS attack...

4.3CVSS6.4AI score0.01331EPSS
Exploits0References5
Cvelist
Cvelist
added 2013/08/07 1:0 a.m.23 views

CVE-2013-1709

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting XSS attack...

8.4AI score0.01331EPSS
Exploits0References6
NVD
NVD
added 2013/08/06 1:20 p.m.16 views

CVE-2013-3996

IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct phishing attacks via a crafted web site...

4.9CVSS6AI score0.01167EPSS
Exploits0References5
Prion
Prion
added 2012/08/21 10:46 a.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Administrative Console in IBM WebSphere Application Server WAS 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME...

4.3CVSS5.8AI score0.01832EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2012/08/21 10:0 a.m.69 views

CVE-2012-3293

CVE-2012-3293 is an XSS flaw in IBM WebSphere Application Server’s Administrative Console. It affects WAS versions 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1, allowing remote attackers to inject arbitrary script via FRAME/cross-frame contexts. IBM...

4.3CVSS7.3AI score0.01832EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder