3 matches found
jenkins-2-plugins/matrix-auth: Stored XSS vulnerability in Matrix Authorization Strategy Plugin
A flaw was found in the Matrix Authorization Strategy Plugin version 2.6.1 and prior. User names are not escaped in the permission table which could lead to a stored cross-site scripting XSS vulnerability. The user must have the Agent/Configure, Job/Configure, or Overall/Administer permissions fo...
Google Chrome Information Disclosure Vulnerability (CNVD-2015-02650)
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the browser/ui/websitesettings/websitesettings.cc file in versions of Google Chrome prior to 42.0.2311.90, which stems from a failure to display the following in the Permissions tabl...
UBUNTU-CVE-2015-3334
browser/ui/websitesettings/websitesettings.cc in Google Chrome before 42.0.2311.90 does not always display "Media: Allowed by you" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for user-assisted remote attackers to obtain sensitive...