Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:22 a.m.4 views

SUSE CVE-2018-18499

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries. This is a same-origin policy violation and could allow for data theft. This vulnerability affects...

6.5CVSS8.2AI score0.0105EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/10/25 2:53 p.m.4 views

Mozilla: Same-origin policy violation could have leaked cross-origin URLs

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a same-origin policy violation that could have allowed the theft of cross-origin URL entries, leaking the result of a redirect via performance.getEntries...

8.1CVSS7.3AI score0.00414EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/25 2:38 p.m.6 views

Mozilla: Same-origin policy violation could have leaked cross-origin URLs

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a same-origin policy violation that could have allowed the theft of cross-origin URL entries, leaking the result of a redirect via performance.getEntries...

8.1CVSS7.3AI score0.00414EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/20 3:26 p.m.3 views

Mozilla: Same-origin policy violation could have leaked cross-origin URLs

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a same-origin policy violation that could have allowed the theft of cross-origin URL entries, leaking the result of a redirect via performance.getEntries...

8.1CVSS7.3AI score0.00414EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/10/20 3:15 p.m.5 views

Mozilla: Same-origin policy violation could have leaked cross-origin URLs

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a same-origin policy violation that could have allowed the theft of cross-origin URL entries, leaking the result of a redirect via performance.getEntries...

8.1CVSS7.3AI score0.00414EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2022/01/12 12:4 p.m.3 views

Mozilla: Leaking cross-origin URLs through securitypolicyviolation event

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...

6.5CVSS7.3AI score0.00646EPSS
Exploits0References4
OSV
OSV
added 2019/02/28 6:29 p.m.5 views

UBUNTU-CVE-2018-18499

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries. This is a same-origin policy violation and could allow for data theft. This vulnerability affects...

6.5CVSS7.2AI score0.0105EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2018/12/17 3:39 p.m.5 views

Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs

A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries. This is a same-origin policy violation and could allow for data theft. This vulnerability affects...

6.5CVSS7.2AI score0.01549EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/11/05 10:47 a.m.7 views

Mozilla: Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries. This is a same-origin policy violation and could allow for data theft. This vulnerability affects...

6.5CVSS7.2AI score0.0105EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/10/24 10:6 p.m.7 views

chromium-browser: Cross-origin URL disclosure in Blink

Incorrect handling of timer information during navigation in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obtain cross origin URLs via a crafted HTML page...

6.5CVSS7.2AI score0.01446EPSS
Exploits0References5
Rows per page
Query Builder