10 matches found
CVE-2026-11326
OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on .openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI...
CVE-2026-11326
OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on *.openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be leveraged to access these API functions, enabling access to browser history information and the ability to open or close tabs...
CVE-2026-11326
OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on .openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI...
CVE-2026-11326
OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on .openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI...
PT-2026-46878
OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on .openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI...
OpenAI Atlas 安全漏洞
OpenAI Atlas is an AI browser developed by OpenAI in the United States, which integrates artificial intelligence assistants into the browsing experience. Versions of OpenAI Atlas prior to 1.2025.288.15 contained a security vulnerability. This vulnerability stemmed from exposing privileged browser...
Lessons Learned From Exposing Unusual XSS Vulnerabilities
Misunderstood browser APIs are often at the core of many web security issues. With the rapid expansion of web APIs, keeping up with security best practices can be challenging. In this post, we’ll explore a few common mistakes developers make that lead to modern XSS Cross-Site Scripting...
The vulnerability in the API interfaces of Google Chrome and Microsoft Edge browsers allows attackers to disclose protected information or cause service failures.
The vulnerability of Google Chrome and Microsoft Edge browser extension APIs is related to improperly implemented security checks for standard elements. Exploiting this vulnerability can allow a malicious actor to disclose protected information or cause service failures through a specially create...
Design/Logic Flaw
A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the rendering process which could lead to controlling browser internal APIs...
OPENSUSE-SU-2021:0840-1 Security update for chromium
This update for chromium fixes the following issues: Chromium 91.0.4472.77 boo1186458: Support Managed configuration API for Web Applications WebOTP API: cross-origin iframe support CSS custom counter styles Support JSON Modules Clipboard: read-only files support Remove webkitBeforeTextInserted &...