4 matches found
CVE-2015-9545
An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage function in xdLocalStorage.js does not implement any validation of the origin of web messages. Remote attackers who can entice a user to load a malicious site can exploit this issue to impact the confidentiality and...
@sobotics/caching (=1.1.1) potentially affected by CVE-2015-9545 via xdlocalstorage (=2.0.5)
xdlocalstorage NPM version =2.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on xdlocalstorage and may be impacted: - @sobotics/caching =1.1.1 Source cves: CVE-2015-9545 Source advisory: OSV:GHSA-76QM-4F93-FG6F...
CVE-2015-9545
creationtimestamp| type| source ---|---|--- 2020-04-07 22:48:18+00:00| seen| https://t.me/cibsecurity/11090...
CVE-2015-9545
The CVE-2015-9545 issue affects xdLocalStorage up to version 2.0.5, where receiveMessage() in xdLocalStorage.js does not validate the origin of web messages. This missing origin validation can allow remote attackers to entice a user to load a malicious site and exploit web messages to affect the ...