143 matches found
CVE-2026-5938
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-31906
CVE-2026-31906 affects Apache OFBiz up to version 24.09.05 (pre-24.09.06). The issue is an improper neutralization of input during web page generation, i.e., Cross-Site Scripting (XSS). Some sources describe it as a reflected XSS due to improper HTML attribute escaping in layered-modal dialog par...
CVE-2026-5938
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...
EUVD-2026-25824
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...
CVE-2026-5938
CVE-2026-5938 affects Foxit PDF Editor/Reader. A crafted document action chain can trigger improper control flow, causing modal dialogs to reenter on the main thread and leading to a UI freeze/denial of service. The description indicates an infinite loop-like behavior related to the dialog handli...
CVE-2026-5938
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...
CVE-2026-5938 Foxit PDF Editor/Reader Infinite Loop Denial-of-Service Vulnerability
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...
CVE-2026-5938 Foxit PDF Editor/Reader Infinite Loop Denial-of-Service Vulnerability
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...
PT-2026-35400
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...
Foxit PDF Editor < 13.2.4 Multiple Vulnerabilities
According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 13.2.4. It is, therefore affected by multiple vulnerabilities: - Document structural anomalies caused inconsistencies between page element relationships an...
Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001
Drupal core's jQuery integration for AJAX modal dialog boxes does not sufficiently sanitize certain options, which can lead to a cross-site scripting XSS vulnerability...
PT-2026-33240
Name of the Vulnerable Software and Affected Versions Drupal versions prior to 10.5.9 Drupal versions prior to 10.6.7 Drupal versions prior to 11.2.11 Drupal versions prior to 11.3.7 Description Drupal core's jQuery integration for AJAX modal dialog boxes does not sufficiently sanitize certain...
CVE-2026-32367
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...
EUVD-2026-11862
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...
CVE-2026-32367
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...
CVE-2026-32367 WordPress Modal Dialog plugin <= 3.5.16 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...
CVE-2026-32367 WordPress Modal Dialog plugin <= 3.5.16 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...
CVE-2026-32367
CVE-2026-32367 concerns the WordPress WordPress Modal Dialog plugin, vulnerable through the component “modal-dialog” up to version 3.5.16. The issue is described as an improper control of code generation, i.e., a Remote Code Inclusion/Execution vulnerability. Public records in the connected sourc...
CVE-2026-32367
Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...