2 matches found
CVE-2024-26466
A DOM based cross-site scripting XSS vulnerability in the component /dom/ranges/Range-test-iframe.html of web-platform-tests/wpt before commit 938e843 allows attackers to execute arbitrary Javascript via sending a crafted URL...
CVE-2024-26466
The CVE-2024-26466 entry describes a DOM-based XSS in web-platform-tests/wpt within the Range-test-iframe.html component, exposed before commit 938e843. The vulnerability allows an attacker to execute arbitrary Javascript by sending a crafted URL, with the impact aligned to a DOM-XSS type and use...