GHSA-4GX2-PC4F-WQ37 FastFeedParser has an infinite redirect loop DoS via meta-refresh chain

Summary When parse fetches a URL that returns an HTML page containing a tag, it recursively calls itself with the redirect URL — with no depth limit, no visited-URL deduplication, and no redirect count cap. An attacker-controlled server that returns an infinite chain of HTML meta-refresh response...

AZL-79640 CVE-2026-27142 affecting package python-tensorboard 2.16.2-6

Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actio...

CVE-2025-5983 Meta Tag Manager < 3.3 - Contributor+ Open Redirect

The Meta Tag Manager WordPress plugin before 3.3 does not restrict which roles can create http-equiv refresh meta tags...

WordPress plugin Meta Tag Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a Thunderbird user replying to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute and the content attribute specifying an URL. Thunderbird started a...

Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a Thunderbird user replying to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute and the content attribute specifying an URL. Thunderbird started a...

Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a Thunderbird user replying to a crafted HTML email containing a meta tag, with the meta tag having the http-equiv="refresh" attribute and the content attribute specifying an URL. Thunderbird started a...

Mozilla Thunderbird 跨站脚本漏洞

Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The software supports the IMAP and POP email protocols as well as the HTML email format. Mozilla Thunderbird suffers from a cross-site scripting vulnerabilit...

Cryptshare Ag Cryptshare 输入验证错误漏洞

Cryptshare Ag Cryptshare is a web application from Cryptshare Ag, Germany. It is used to securely serve files and messages. An input validation error vulnerability vulnerability exists in Cryptshare Ag Cryptshare.The product from which the vulnerability originates does not effectively handle data...

google-download1.txt

Google Chrome Auto Download and Rapid Download By IMC GrahamPhisher Shoutz IMC Tully IMC EXE Shouts To Everyone On The Forums InsaneMasterminds.com To have a file automatically start downloading through google chrome without the users permission is very easy, simple inject the meta refresh tag in...