4180 matches found
Cross-site Scripting (XSS)
ci4-cms-erp/ci4ms is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper sanitization and output encoding of user-controlled post data in the Menu Management functionality, which allows an attacker to inject malicious scripts that execute in administrative dashboards and...
SUSE CVE-2026-8562
Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-8563
Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
Chromium: CVE-2026-8562 Side-channel information leakage in Navigation
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-8562
A side-channel information leakage flaw was found in the Navigation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=40057534...
ROS-20260515-73-0053
A vulnerability in the Google Chrome browser is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to bypass navigation restrictions using a specially crafted HTML page...
ROS-20260515-73-0047
A vulnerability in the Google Chrome browser is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to bypass navigation restrictions using a specially crafted HTML page...
ROS-20260515-73-0046
A vulnerability in the Navigation feature of Google Chrome browser is related to improper authorization. Exploitation of the vulnerability could allow an attacker acting remotely to bypass navigation restrictions using a specially crafted HTML page...
CVE-2026-8563
Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8562
Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8562
Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8563
Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8562
Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8563
Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8563
Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-30380
Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8562
Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-30379
Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8563
CVE-2026-8563 affects Google Chrome on Windows, with an insufficient policy enforcement flaw in the IFrame Sandbox of Chromium that could allow a remote attacker to bypass navigation restrictions via a crafted HTML page. Affected component: IFrame Sandbox; root cause: policy enforcement insuffici...
CVE-2026-8562
CVE-2026-8562 describes a side-channel information leakage flaw in the Navigation component of Google Chrome (upstream Chromium) prior to 148.0.7778.168. A crafted HTML page could leak cross-origin data, as indicated by multiple sources (NVD/Red Hat/ Debian trackers) and upstream Chromium bug 400...