5743 matches found
CVE-2017-2285
Cross-site scripting vulnerability in Simple Custom CSS and JS prior to version 3.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2017-2285
The CVE affects WordPress plugin Simple Custom CSS and JS prior to version 3.4. A reflected cross-site scripting (CWE-79) vulnerability allows an attacker to inject arbitrary script, potentially executing in a logged-in user’s browser. The exact attack vectors aren’t specified in the provided doc...
PT-2017-15325 · Unknown · Simple Custom Css/Js
Name of the Vulnerable Software and Affected Versions: Simple Custom CSS and JS versions prior to 3.4 Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML. Recommendations: For versions prior to 3.4, update to version 3.4 or later to resolve the...
WordPress Simple Custom CSS and JS plugin <=3.3 - Authenticated Cross-Site Scripting (XSS) vulnerability
Authenticated Cross-Site Scripting XSS vulnerability found by Chris Liu in WordPress Simple Custom CSS and JS plugin version 3.3 and earlier versions. Solution Update WordPress Simple Custom CSS and JS plugin to the latest available version at least 3.4...
WordPress Simple Custom CSS and JS Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language , the platform supports PHP and MySQL servers to set up a personal blog site . Simple Custom CSS and JS is one of the CSS and JS code editing components . A cross-site scripting vulnerabilit...
CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...
CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...
DEBIAN-CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...
Design/Logic Flaw
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...
UBUNTU-CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...
CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...
Fedora 26 : webkitgtk4 (2017-dfaf0ca892)
Highlights of the 2.16.0 release : - Hardware acceleration is now enabled on demand to drastically reduce memory consumption. - CSS Grid Layout is enabled by default. - New WebKitSetting to set the hardware acceleration policy. - UI process API to configure network proxy settings. - Improved...
CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...
CVE-2017-1000015
CVE-2017-1000015 : phpMyAdmin versions 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack via crafted cookie parameters. The connected documents confirm the affected software and the underlying issue is a CSS injection triggered by cookie values; no exploit details or in‑the‑wild data are...
CVE-2017-1000015
phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a CSS injection attack through crafted cookie parameters...
KLA11845 Multiple vulnerabilities in Microsoft Exchange Server
Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in Microsoft Exchange can be exploited remotely via specially...
GLSA-201707-13 : libcroco: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201707-13 libcroco: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libcroco. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a...
html-social-share-buttons
It is an HTML/CSS/JavaScript library for adding social media sha...
Mozilla: Use-after-free using destroyed node when regenerating trees (MFSA 2017-16)
A use-after-free vulnerability with the frameloader during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that no longer exists. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...
CVE-2017-8834
The crtknzrparsecomment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service memory allocation error via a crafted CSS file...