Cross site request forgery (csrf)

DISPUTED A Cross Site Request Forgery CSRF vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution RCE on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file. NOTE: the vendor disputes this because the attack requires a...

CVE-2021-45268

A Cross Site Request Forgery CSRF vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution RCE on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file. NOTE: the vendor disputes this because the attack requires a session cook...

Cross site scripting

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-si...

CVE-2013-1713

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified comparisons during enforcement of the Same Origin Policy, which allows remote attackers to conduct cross-si...

CVE-2013-1713

CVE-2013-1713 affects Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20. It arises from an incorrect URI comparison during enforcement of the Same Origin Policy, enabling remote attackers to perfor...