Lucene search
K

28 matches found

CNNVD
CNNVD
added 2021/05/10 12:0 a.m.4 views

Yzmcms 跨站脚本漏洞

Yzmcms is an open source CMS Content Management System. A cross-site scripting vulnerability exists in YzmCMS version 5.6. The vulnerability stems from the program using UEditor 1.4.3.3, so the vulnerability can be exploited through the SRC attribute of the IFRAME element in...

6.1CVSS5.2AI score0.00873EPSS
Exploits1References1
OSV
OSV
added 2018/06/11 9:29 p.m.4 views

DEBIAN-CVE-2018-5162

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

7.5CVSS8.3AI score0.0198EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/05/24 7:59 p.m.8 views

Mozilla: Encrypted mail leaks plaintext through src attribute

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR 52.8 and Thunderbird 52.8...

7.5CVSS7.4AI score0.0198EPSS
Exploits0References5
OSV
OSV
added 2018/03/25 7:29 p.m.4 views

CVE-2018-8978

Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI...

5.4CVSS5.8AI score0.00545EPSS
Exploits1References1
OSV
OSV
added 2018/02/12 2:29 p.m.4 views

CVE-2017-18175

Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration aka Templateconfiguration, as demonstrated by the src attribute of an IMG element. This is fixed in 10.1...

5.4CVSS5.8AI score0.00718EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2012/05/16 12:55 a.m.3 views

CVE-2011-3083

browser/profiles/profileimpliodata.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted web page...

5CVSS8.4AI score0.01309EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2010/07/24 12:1 a.m.5 views

Mozilla arbitrary free flaw

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted HTML document, related to the DATA and...

10CVSS7.8AI score0.0413EPSS
Exploits1References4
PyPA
PyPA
added 2005/12/31 5:0 a.m.7 views

PYSEC-2005-1

Cross-site scripting XSS vulnerability in the HTML WikiProcessor in Edgewall Trac 0.9.2 allows remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of an IMG tag...

4.3CVSS6AI score0.0151EPSS
Exploits1References9Affected Software1
Rows per page
Query Builder