4 matches found
📄 RomM Cross Site Scripting / File Upload
RomM versions prior to 4.4.1 chained vulnerabilities exploit that leverages file upload to achieve cross site scripting that then leverages csrf token reuse to change a user's password. Exploit Title: RomM Application tab or Storage on Firefox Cookies - Copy the rommcsrftoken cookie value 3...
Improper Input Validation
chromium is vulnerable to improper input validation. The vulnerability exists due to lack of validation of ancestor frames site when sending lax cookies in navigation in Google Chrome, allowing a malicious user to bypass SameSite cookie policy via a crafted HTML page...
The vulnerability of Google Chrome browser, related to insufficient validation of input data, allows a hacker to circumvent the Cookie SameSite policy.
The vulnerability of Google Chrome lies in the lack of proper validation of cookie-related frames during the sending of cookies. Exploiting this vulnerability allows a remote attacker to circumvent the Cookie SameSite policy by using a specially created HTML page...
Google Chrome Navigation Information Disclosure Vulnerability
Google Chrome is a web browser developed by Google, Inc.Navigation is one of the browser navigation modules. A security vulnerability exists in Navigation in versions of Google Chrome prior to 71.0.3578.80, which stems from insufficient policy enforcement. The vulnerability can be exploited by a...