1543 matches found
PT-2026-30001
Impact Apps that register an asynchronous session.setPermissionRequestHandler may be vulnerable to a use-after-free when handling fullscreen, pointer-lock, or keyboard-lock permission requests. If the requesting frame navigates or the window closes while the permission handler is pending, invokin...
PT-2026-38110
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description A use after free issue in Fullscreen on Windows allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Use...
CVE-2025-47666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image FullScreen Background: from n/a through = 1.6.7...
CVE-2025-47666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...
CVE-2025-47666
CVE-2025-47666 is a reflected Cross-Site Scripting vulnerability in LambertGroup Image&Video FullScreen Background (lbg_fullscreen_fullwidth_slider) affecting versions through 1.6.7. The issue, described in multiple sources, arises from improper input neutralization during web page generation and...
CVE-2025-47666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image FullScreen Background: from n/a through = 1.6.7...
CVE-2025-47666 WordPress Image&Video FullScreen Background plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...
CVE-2025-47666 WordPress Image&Video FullScreen Background plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...
PT-2026-3965
Name of the Vulnerable Software and Affected Versions LambertGroup Image&Video FullScreen Background versions through 1.6.7 Description The software contains a flaw related to improper input handling during web page generation, which allows for Reflected Cross-site Scripting XSS. This means that...
WordPress plugin lbg_fullscreen_fullwidth_slider has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
MiracleLinux 7 : firefox-102.10.0-1.0.1.el7.AXS7 (AXSA:2023-5303:17)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5303:17 advisory. MFSA-TMP-2023-0001 Mozilla: Double-free in libwebp BZ2186102 Mozilla: Fullscreen notification obscured CVE-2023-29533 Mozilla: Potential Memory...
MiracleLinux 8 : firefox-102.7.0-1.el8.ML.1 (AXSA:2023-4857:04)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4857:04 advisory. Mozilla: libusrsctp library out of date CVE-2022-46871 Mozilla: Arbitrary file read from GTK drag and drop on Linux CVE-2023-23598 Mozilla: Memory...
MiracleLinux 8 : firefox-91.4.0-1.el8.ML.1 (AXSA:2022-2971:02)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2971:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...
MiracleLinux 9 : thunderbird-102.5.0-2.el9.ML.1 (AXSA:2023-5045:06)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5045:06 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...
MiracleLinux 7 : firefox-91.3.0-1.0.1.el7.AXS7 (AXSA:2021-2530:32)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2530:32 advisory. Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 Mozilla: iframe sandbox rules d...
MiracleLinux 7 : firefox-102.8.0-2.0.1.el7.AXS7 (AXSA:2023-5143:11)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5143:11 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...
MiracleLinux 8 : firefox-102.8.0-2.el8.ML.1 (AXSA:2023-5141:10)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5141:10 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...
MiracleLinux 9 : thunderbird-91.9.0-3.el9.ML.1 (AXSA:2022-3963:16)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3963:16 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...
MiracleLinux 8 : thunderbird-102.13.0-2.el8.ML.1 (AXSA:2023-6238:20)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6238:20 advisory. Mozilla: Use-after-free in WebRTC certificate generation CVE-2023-37201 Mozilla: Potential use-after-free from compartment mismatch in SpiderMonkey...
MiracleLinux 8 : firefox-91.9.0-1.el8.ML.1 (AXSA:2022-3174:10)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3174:10 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...