4187 matches found
Security Vulnerabilities fixed in Focus for iOS 148.2 — Mozilla
Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a self navigation to an invalid port and triggering an iframe redirect, causing the UI to display a trusted domain without user interaction...
CVE-2026-2634
The vulnerability CVE-2026-2634 affects Firefox for iOS . Malicious scripts could cause desynchronization between the address bar and web content before a response is received, allowing attacker‑controlled pages to be displayed under spoofed domains. The vulnerability is stated to be fixed in Fir...
CVE-2026-2634 Spoofed web content presented under trusted domains using scripted navigation on Firefox iOS
Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed domains. This vulnerability was fixed in Firefox for iOS 147.4...
PT-2026-21830
Malicious scripts could display attacker-controlled web content under spoofed domains in Focus for iOS by stalling a self navigation to an invalid port and triggering an iframe redirect, causing the UI to display a trusted domain without user interaction. This vulnerability affects Focus for iOS...
CVE-2025-52603
HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser...
CVE-2025-52603
HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser...
CVE-2025-52603
HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser...
CVE-2025-52603 HCL Connections is vulnerable to information disclosure
HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser...
CVE-2025-52603
CVE-2025-52603 affects HCL Connections. The issue allows information disclosure in a very specific user navigation scenario where a single piece of internal metadata is returned in the browser. The impact is limited information exposure (low confidentiality impact per CVSS 3.1). The description d...
CVE-2025-52603 HCL Connections is vulnerable to information disclosure
HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain limited information when a single piece of internal metadata is returned in the browser...
CVE-2026-25332
Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through = 2.2.9...
HCL Connections 安全漏洞
HCL Connections is a corporate collaboration platform developed by the Indian company HCL. There is a security vulnerability in HCL Connections, which stems from the possibility of browsers returning internal metadata under certain user navigation scenarios, resulting in users accessing limited...
PT-2026-21019
Name of the Vulnerable Software and Affected Versions HCL Connections affected versions not specified Description HCL Connections is susceptible to information disclosure. A specific user navigation scenario may allow a user to obtain limited information due to the return of internal metadata in...
CVE-2026-25332
Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through = 2.2.9...
CVE-2026-25332
CVE-2026-25332 affects the WordPress Endless Posts Navigation plugin (versions up to 2.2.9). The issue is Missing Authorization / Broken Access Control due to incorrectly configured access control, enabling exploitation without privileges. The connected documents do not specify a concrete fix ver...
CVE-2026-25332 WordPress Endless Posts Navigation plugin <= 2.2.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through = 2.2.9...
CVE-2026-25332
Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through = 2.2.9...
CVE-2026-25332 WordPress Endless Posts Navigation plugin <= 2.2.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through = 2.2.9...
PT-2026-20700
Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through = 2.2.9...
WordPress plugin Endless Posts Navigation 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...