CVE-2011-1121

Removed by vendor...

CVE-2011-1118

Removed by vendor...

Google Fixes 19 Bugs in Chrome, Pays $14K in Bug Bounties

Google has released version 9.0.597.107 of its Chrome browser, fixing 19 security vulnerabilities and paying $14,000 in rewards to researchers in the process. The new version of Chrome, which Google released on Monday afternoon, includes fixes for 16 high-severity vulnerabilities and three bugs...

CVE-2010-2301

Cross-site scripting XSS vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762...

Cross site scripting

Cross-site scripting XSS vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762...

CVE-2010-1762

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element...

CVE-2010-1762

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element...

Cross site scripting

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element...

CVE-2010-1762

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML in a TEXTAREA element...

CVE-2010-1762

Removed by vendor...

[SECURITY] Fedora 13 Update: xinha-0.96.1-2.fc13

Xinha is a Javascript component that can be used to enhance a textarea fiel d in HTML. It can be used on its own or as part of a larger WYSIWYG module such as Scribite...

Cross site scripting

Cross-site scripting XSS vulnerability in the BUEditor module 5.x before 5.x-1.2 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the "plain textarea editor."...

CVE-2009-3363

Cross-site scripting XSS vulnerability in the BUEditor module 5.x before 5.x-1.2 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the "plain textarea editor."...

CVE-2009-2376

Cross-site scripting XSS vulnerability in the Html::textarea function in application/libraries/Html.php in TangoCMS 2.x before 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the value parameter, related to the Contact module...

Cross site scripting

Cross-site scripting XSS vulnerability in the Html::textarea function in application/libraries/Html.php in TangoCMS 2.x before 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the value parameter, related to the Contact module...

CVE-2009-2376

Cross-site scripting XSS vulnerability in the Html::textarea function in application/libraries/Html.php in TangoCMS 2.x before 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the value parameter, related to the Contact module...

Cross site scripting

Cross-site scripting XSS vulnerability in dijit.Editor in Dojo before 1.1 allows remote attackers to inject arbitrary web script or HTML via XML entities in a TEXTAREA element...

CVE-2003-1505

Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service crash by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Ripe Website Manager 0.8.9 and earlier allow remote authenticated users to inject arbitrary web script or HTML via one or more of the following vectors: the 1 id parameter to a pages/deletepage.php, b navigation/deletemenu.php, and c...

CVE-2007-3511

The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated ...