12 matches found
PT-2025-37081
Name of the Vulnerable Software and Affected Versions: Decap CMS versions through 3.8.3 Description: A Cross Site Scripting XSS vulnerability exists in Decap CMS. Input fields, including body, tags, title, and description, are not properly sanitized before being rendered in the content preview...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...
Mozilla: Improper handling of html and body tags enabled CSP nonce leakage
The Mozilla Foundation Security Advisory describes this flaw as: Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies...
Mozilla: Improper handling of html and body tags enabled CSP nonce leakage
The Mozilla Foundation Security Advisory describes this flaw as: Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies...
Mozilla: Improper handling of html and body tags enabled CSP nonce leakage
The Mozilla Foundation Security Advisory describes this flaw as: Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies...
Mozilla: Improper handling of html and body tags enabled CSP nonce leakage
The Mozilla Foundation Security Advisory describes this flaw as: Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies...
Mozilla: Improper handling of html and body tags enabled CSP nonce leakage
The Mozilla Foundation Security Advisory describes this flaw as: Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies...
Mozilla: Improper handling of html and body tags enabled CSP nonce leakage
The Mozilla Foundation Security Advisory describes this flaw as: Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies...
Mozilla: Improper handling of html and body tags enabled CSP nonce leakage
The Mozilla Foundation Security Advisory describes this flaw as: Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies...
Mozilla Firefox ESR Security Update (MFSA2024-13) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
USN-6703-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-2609, CVE-2024-2611,...
Cross site scripting
Unspecified vulnerability in index.php in imageVue 16.1 has unknown impact, probably a cross-site scripting XSS vulnerability involving the query string that is not quoted when inserted into style and body tags, as demonstrated using a bgcol parameter...