Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2026/04/10 12:0 a.m.122 views

📄 RomM Cross Site Scripting / File Upload

RomM versions prior to 4.4.1 chained vulnerabilities exploit that leverages file upload to achieve cross site scripting that then leverages csrf token reuse to change a user's password. Exploit Title: RomM Application tab or Storage on Firefox Cookies - Copy the rommcsrftoken cookie value 3...

7.6CVSS5.2AI score0.00273EPSS
Exploits2
Veracode
Veracode
added 2020/12/06 4:44 a.m.28 views

Improper Input Validation

chromium is vulnerable to improper input validation. The vulnerability exists due to lack of validation of ancestor frames site when sending lax cookies in navigation in Google Chrome, allowing a malicious user to bypass SameSite cookie policy via a crafted HTML page...

6.5CVSS2.6AI score0.0255EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/04 12:0 a.m.5 views

The vulnerability of Google Chrome browser, related to insufficient validation of input data, allows a hacker to circumvent the Cookie SameSite policy.

The vulnerability of Google Chrome lies in the lack of proper validation of cookie-related frames during the sending of cookies. Exploiting this vulnerability allows a remote attacker to circumvent the Cookie SameSite policy by using a specially created HTML page...

6.5CVSS7.1AI score0.0255EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2018/12/06 12:0 a.m.2 views

Google Chrome Navigation Information Disclosure Vulnerability

Google Chrome is a web browser developed by Google, Inc.Navigation is one of the browser navigation modules. A security vulnerability exists in Navigation in versions of Google Chrome prior to 71.0.3578.80, which stems from insufficient policy enforcement. The vulnerability can be exploited by a...

6.5CVSS8.5AI score0.0255EPSS
Exploits0References1
Rows per page
Query Builder