3796 matches found
CVE-2025-62793 eLabFTW HTML / CSS Injection via Malicious SVG Upload Leads to Credential Theft / Clickjacking
eLabFTW is an open source electronic lab notebook for research labs. The application served uploaded SVG files inline. Because SVG supports active content, an attacker could upload a crafted SVG that executes script when viewed, resulting in stored XSS under the application origin. A victim who...
CVE-2025-62793
Summary: CVE-2025-62793 affects eLabFTW, an open-source electronic lab notebook. The root cause is that the application served uploaded SVG files inline, allowing SVGs with active content to execute scripts when viewed. This enables stored XSS under the application origin, potentially leading to ...
Multiple Password Managers Vulnerable to Clickjacking Attacks
Overview: Browser-extension password managers, which autofill sensitive information on websites, can be exposed to various clickjacking attacks. These attacks exploit the trust relationship between a web page and the user-interface elements injected by the extension. Recent studies show that...
CVE-2025-31969
HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking...
Hostel Management System Clickjacking Vulnerability
Hostel Management System is a hostel management system. Hostel Management System is vulnerable to clickjacking, which occurs when the program does not adequately protect HTML iframes. No details of the vulnerability are available at this time...
EUVD-2025-33890
HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking...
CVE-2025-31969 HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP)
HCL Unica Platform is impacted by misconfigured Content Security Policy (CSP). These can result in malicious resources getting loaded and browsers may come across certain types of attacks, such as cross-site scripting and clickjacking...
CVE-2025-31969
The CVE-2025-31969 issue affects HCL Unica Platform due to a misconfigured Content Security Policy (CSP). The underlying problem is CSP misconfiguration that can allow loading of malicious resources, with potential browser attacks including cross-site scripting and clickjacking. Documents consist...
HCL Unica Platform Security Vulnerability
HCL Unica Platform is a state-of-the-art enterprise automated marketing platform from HCL India. No manual effort is required to handle routine marketing tasks and capture the most effective leads. HCL Unica Platform has a security vulnerability that stems from a misconfigured content security...
PT-2025-41712
Name of the Vulnerable Software and Affected Versions: HCL Unica Platform (affected versions not specified). Description: The HCL Unica Platform is susceptible to issues stemming from a misconfigured Content Security Policy (CSP). This misconfiguration can allow malicious resources to load, potentially...
AlmaLinux 10 : thunderbird (ALSA-2025:8608)
The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:8608 advisory. firefox: thunderbird: Out-of-bounds access when resolving Promise objects (CVE-2025-4918); firefox: thunderbird: Out-of-bounds access when optimizing linear...
AlmaLinux 10 : firefox (ALSA-2025:8341)
The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:8341 advisory. firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details (CVE-2025-5267); firefox: thunderbird: Potential local...
EUVD-2020-29078
Malware in sbrugna...
EUVD-2016-10223
Malware in sbrugna...
EUVD-2013-7013
Malware in sbrugna...
EUVD-2014-2589
Malware in sbrugna...
EUVD-2011-3095
Malware in sbrugna...