5 matches found
CVE-2025-36364
IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system...
PYSEC-2024-121
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible to exfiltration via Cross-site scripting s...
xdLocalStorage input validation error vulnerability (CNVD-2020-28469)
xdLocalStorage is a lightweight JavaScript library that supports cross-domain data storage . An input validation error vulnerability exists in xdLocalStorage, which stems from a function that does not perform any validation on the origin of a Web message. An attacker can exploit this vulnerabilit...
CVE-2019-11380
The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage...
CVE-2019-4218
IBM Security Information Queue ISIQ 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 159227...