Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

28 matches found

OSV
OSVadded 2018/06/11 9:29 p.m.4 views

CVE-2016-9895

Event handlers on "marquee" elements were executed despite a strict Content Security Policy CSP that disallowed inline JavaScript. This vulnerability affects Firefox 50.1, Firefox ESR 45.6, and Thunderbird 45.6...

6.1CVSS8.8AI score
Exploits0References10
NVD
NVDadded 2015/11/05 5:59 a.m.10 views

CVE-2015-7187

The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...

4.3CVSS8.5AI score0.00483EPSS
Exploits0References7
Prion
Prionadded 2015/11/05 5:59 a.m.13 views

Cross site scripting

The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...

4.3CVSS5.9AI score0.00483EPSS
Exploits0References7Affected Software1
OSV
OSVadded 2015/11/04 12:0 a.m.0 views

UBUNTU-CVE-2015-7187

The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...

4.3CVSS7.3AI score0.00483EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2015/11/04 12:0 a.m.15 views

CVE-2015-7187

The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: false" panel setting, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via inline JavaScript code that is executed within a third-party extension...

4.3CVSS7.3AI score0.00483EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2014/06/13 12:0 a.m.34 views

openSUSE Security Update : seamonkey (seamonkey-4074)

Mozilla SeaMonkey was updated to version 2.0.12, fixing various security issues. Following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

10CVSS9.2AI score0.09158EPSS
Exploits3References12
Friends Of PHP
Friends Of PHPadded 1970/01/01 12:0 a.m.15 views

XSS vulnerability on asset view

Impact Mautic versions before 3.3.4 / 4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets. Patch...

7.1CVSS5.7AI score0.0069EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHPadded 1970/01/01 12:0 a.m.12 views

XSS vulnerability on contacts view

Impact Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populat...

8.3CVSS6.7AI score0.00352EPSS
Exploits0Affected Software1
Rows per page
Query Builder