182 matches found
OpenClaw's Browser Relay /cdp websocket is missing auth which could allow cross-tab cookie access
Summary In affected versions, the Browser Relay /cdp WebSocket endpoint did not require an authentication token. As a result, a website running in the browser could potentially connect to the local relay via loopback WebSocket and use CDP to access cookies from other open tabs and run JavaScript ...
📄 Mailpit 1.28.1 Cross Site WebSocket Hijacking
A cross site websocket hijacking vulnerability exists in Mailpit versions 1.28.1 and below. The vulnerability allows remote attackers to intercept sensitive data such as email contents, headers, and server statistics in real-time. Mailpit - Cross-Site WebSocket Hijacking CSWSH Advisory ID:...
Mailpit is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) allowing unauthenticated access to emails
Summary The Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailpit locally,...
GHSA-524M-Q5M7-79MM Mailpit is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) allowing unauthenticated access to emails
Summary The Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicious website that, when visited by a developer running Mailpit locally,...
CVE-2025-62595
A flaw was found in Koa. A bypass of CVE-2025-8129 was discovered in the Koa.js framework affecting its back redirect functionality. In certain circumstances, an attacker can manipulate the Referer header to force a user’s browser to navigate to an external, potentially malicious website. This...
EUVD-2018-7929
Malware in sbrugna...
EUVD-2024-0918
Malicious code in bioql PyPI...
EUVD-2025-25135
Malicious code in bioql PyPI...
Security Bulletin: Axios before 1.7.8 uses setAttribute('href') in isURLSameOrigin.js, raising potential security concern
Summary In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute'href',href call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a...
Open Redirect
googlesignin is vulnerable to open redirect. The vulnerability is due to improper validation of crafted URLs that bypass the "same origin" check, which allows an attacker to redirect users to a malicious origin and potentially chain it with arbitrary data injection into session cookies...
Linux Distros Unpatched Vulnerability : CVE-2018-16072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a...
SUSE CVE-2025-47909
Hosts listed in TrustedOrigins implicitly allow requests from the corresponding HTTP origins, allowing network MitMs to perform CSRF attacks. After the CVE-2025-24358 fix, a network attacker that places a form at http://example.com can't get it to submit to https://example.com because the Origin...
GHSA-5JCH-XHW4-R43V Google Sign-In for Rails allowed redirect to protocol-relative URI
Summary It is possible to redirect a user to another origin if the "proceedto" value in the session store is set to a protocol-relative URL. Details The googlesignin gem persists an optional URL for redirection after authentication. If this URL is set to a protocol-relative URL, it improperly...
CVE-2025-47909
Hosts listed in TrustedOrigins implicitly allow requests from the corresponding HTTP origins, allowing network MitMs to perform CSRF attacks. After the CVE-2025-24358 fix, a network attacker that places a form at http://example.com can't get it to submit to https://example.com because the Origin...
CVE-2025-47909
Hosts listed in TrustedOrigins implicitly allow requests from the corresponding HTTP origins, allowing network MitMs to perform CSRF attacks. After the CVE-2025-24358 fix, a network attacker that places a form at http://example.com can't get it to submit to https://example.com because the Origin...
Google Sign-In for Rails allowed redirect to protocol-relative URI
Summary It is possible to redirect a user to another origin if the "proceedto" value in the session store is set to a protocol-relative URL. Details The googlesignin gem persists an optional URL for redirection after authentication. If this URL is set to a protocol-relative URL, it improperly...
GHSA-7PWC-WH6M-44Q3 Google Sign-In for Rails allowed redirects to malformed URLs
Summary It is possible to craft a malformed URL that passes the "same origin" check, resulting in the user being redirected to another origin. Details The googlesignin gem persists an optional URL for redirection after authentication. If this URL is malformed, it's possible for the user to be...
CVE-2025-50864
An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...
CVE-2025-55300
Komari is a lightweight, self-hosted server monitoring tool designed to provide a simple and efficient solution for monitoring server performance. Prior to 1.0.4-fix1, WebSocket upgrader has disabled origin checking, enabling Cross-Site WebSocket Hijacking CSWSH attacks against authenticated user...
CVE-2025-50864
An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing CORS restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an...