
120 matches found

OSV
added 2018/06/11 9:29 p.m. · 2 views

CVE-2018-5143

URLs using "javascript:" have the protocol removed when pasted into the addressbar to protect users from cross-site scripting (XSS) attacks, but if a tab character is embedded in the "javascript:" URL the protocol is not removed and the script will execute. This could allow users to be socially...

CVSS 6.1 · AI score 7.2
Exploits: 0 · References: 5
OSV
added 2018/06/11 9:29 p.m. · 0 views

CVE-2017-5420

A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability affects Firefox 52...

CVSS 6.5 · AI score 7 · EPSS 0.00398
Exploits: 1 · References: 4
OSV
added 2016/12/06 12:0 a.m. · 0 views

UBUNTU-CVE-2016-5226

Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac executed javascript: URLs entered in the URL bar in the context of the current tab, which allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar...

CVSS 6.1 · AI score 6.9 · EPSS 0.00163
Exploits: 0 · References: 4
RedHat Linux
added 2016/03/09 5:11 a.m. · 1 views

Mozilla: Displayed page address can be overridden (MFSA 2016-21)

browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL...

CVSS 4.3 · AI score 7.4 · EPSS 0.00619
Exploits: 0 · References: 5
Cvelist
added 2015/01/09 6:0 p.m. · 20 views

CVE-2014-9272

The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x before 1.2.18 does not properly validate the URL protocol, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the javascript:// protocol...

AI score 5.3 · EPSS 0.00442
Exploits: 0 · References: 6
Tenable Nessus
added 2014/03/20 12:0 a.m. · 19 views

SuSE 11.3 Security Update : icedtea-web (SAT Patch Number 8974)

The OpenJDK Java Plugin IcedTea Web was released to fix a temporary file access problem. Changes : - Dialogs center on screen before becoming visible. - Support for u45 new manifest attributes Application-Name. - Custom applet permission policies panel in itweb-settings control panel. - Plugin...

CVSS 2.1 · AI score 5.5 · EPSS 0.00059
Exploits: 1 · References: 3
Tenable Nessus
added 2014/02/17 12:0 a.m. · 32 views

Fedora 19 : icedtea-web-1.4.2-0.fc19 (2014-2071)

New in release 1.4.2 2014-02-05 : - Dialogs center on screen before becoming visible - Support for u45 new manifest attributes Application-Name - Custom applet permission policies panel in itweb-settings control panel - Plugin - PR1271: icedtea-web does not handle 'javascript:'-protocol URLs -...

AI score 5.6
Exploits: 0 · References: 1
RedHat Linux
added 2012/03/14 7:37 a.m. · 0 views

Mozilla: XSS with Drag and Drop and Javascript: URL (MFSA 2012-13)

Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 do not properly restrict drag-and-drop operations on javascript: URLs, which allows user-assisted remote...

CVSS 4.3 · AI score 7.3 · EPSS 0.01144
Exploits: 0 · References: 4
0day.today
added 2010/05/19 12:0 a.m. · 30 views

Google Chrome 4.1.249.1059 Cross Origin Bypass in Google URL (GURL)

Exploit for windows platform in category remote exploits. Google Chrome 4.1.249.1059 Cross Origin Bypass in Google URL (GURL). Google Chrome 4.1.249.1059 Cross Origi...

AI score 7.1 · EPSS 0.07184
Exploits: 7
OpenVAS
added 2009/05/19 12:0 a.m. · 20 views

Opera PDF Javascript Security Bypass Vulnerability (Linux)

The host is installed with Opera Web Browser and is prone to PDF Javascript Security Bypass Vulnerability. OpenVAS Vulnerability Test $Id: secpodoperapdfjsrestbypassvulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ Opera PDF Javascript Security Bypass Vulnerability Linux Authors: Antu Sanadi...

CVSS 9.3 · AI score 6.6 · EPSS 0.00242
Exploits: 0 · References: 2
RedHat Linux
added 2005/07/21 10:14 a.m. · 1 views

security flaw

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may lead to code execution if the standalone...

CVSS 7.5 · AI score 6.4 · EPSS 0.05043
Exploits: 0 · References: 4
NVD
added 2004/01/20 5:0 a.m. · 20 views

CVE-2003-1026

Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstrated by BackToFramedJpu, aka th...

CVSS 9.3 · AI score 6.5 · EPSS 0.5582
Exploits: 1 · References: 14
CVE
added 2004/01/08 5:0 a.m. · 68 views

CVE-2003-1026

CVE-2003-1026 affects Internet Explorer 5.01–6.0 (Travel Log cross-domain vulnerability). A crafted script URL stored in the travel log/subframes could bypass zone restrictions and execute in the top window’s zone when history.back is invoked, potentially allowing access to cross-domain data and ...

CVSS 9.3 · AI score 7.5 · EPSS 0.5582
Exploits: 1 · References: 14 · Affected Software: 2
CERT
added 2003/11/19 12:0 a.m. · 36 views

Microsoft Internet Explorer does not adequately validate javascript: protocol URL

Overview: Microsoft Internet Explorer (IE) does not adequately validate javascript: protocol URLs. An attacker could exploit this vulnerability to evaluate script in different security domains. By causing script to be evaluated in the Local Machine Zone, the attacker could execute arbitrary code wit...

CVSS 7.5 · AI score 7.4 · EPSS 0.67219
Exploits: 0 · References: 18
securityvulns
added 2003/09/11 12:0 a.m. · 27 views

MSIE->NAFjpuInHistory

NAFjpuInHistory tested Browser Ver MS Internet Explorer: 6.0.2600.0000.xpclntqfe.021108-2107; Encryption: 128-bit; Patch:; Q810847; So, it's far from fully patched. it also works after applying the patch for "Using the backbutton in IE is dangerous" OS Ver: "Windows XP Cn ver" demo...

AI score 0.4
Exploits: 0
securityvulns
added 2003/07/14 12:0 a.m. · 42 views

MSIE:patched&undisclosed XSS vuln

MSIE:patched&undisclosed XSS vuln "that's all" is end of file if you are in a hurry tested OS:Windows XP Professional Browser: MS Internet Explorer 6.0.2600.0000.xpclient.01087-1148 without any patch note: it doesn't work on the patched MSIE demo at...

AI score 6.1
Exploits: 0
securityvulns
added 2002/05/16 12:0 a.m. · 26 views

Opera javascript protocoll vulnerability [Sandblad advisory #6]

Sandblad advisory 6. Title: Opera javascript protocoll vulnerability. Date: 2002-05-15. Software: At least Opera 6.01, 6.0, 5.12 win. Rating: High because Opera is assumed to be secure. Impact: Read cookies/local filestructure/cache...

AI score 7
Exploits: 0
Positive Technologies
added 2000/01/10 12:0 a.m. · 2 views

PT-2000-1070 · Microsoft · Hotmail

Name of the Vulnerable Software and Affected Versions: Hotmail (affected versions not specified). Description: The issue concerns the improper filtering of JavaScript code from a user's mailbox. This allows a remote attacker to execute JavaScript code by using hexadecimal codes to specify the...

CVSS 10 · AI score 6.8 · EPSS 0.29293
Exploits: 0 · References: 2
Packet Storm
added 1999/08/17 12:0 a.m. · 27 views

netscape-4.x-DoS.txt

Date: Sun, 6 Sep 1998 00:53:24 +0200 From: Michal Zalewski To: [email protected] Subject: Sendmail, lynx, Netscape, sshd, Linux kernel twice Now, some DoSes on Netscape 4.0x browsers: ------------------------------------------ Meta refresh or href to URL "mocha:document.open'300k times A';"...

AI score 7.4
Exploits: 0
Friends Of PHP
added 1970/01/01 12:0 a.m. · 3 views

CVE-2026-45753: HtmlSanitizer UrlAttributeSanitizer Omits action/formaction/poster/cite: javascript: URI Survives Sanitization (XSS)

More info at https://symfony.com/cve-2026-45753...

AI score 5.8
Exploits: 0 · Affected Software: 1