3 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the Add friends module in Yoono Desktop Application before 1.8.21 allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action...
CVE-2012-1215
The CVE-2012-1215 entry describes a Cross-site scripting (XSS) vulnerability in the Add friends module of the Yoono Firefox extension, exploited via the create field in a "Create a group" action. The affected product is the Yoono extension for Firefox, with versions prior to 7.7.8. The underlying...
CVE-2012-1215
Cross-site scripting XSS vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action...