Lucene search
+L

251 matches found

RubySec
RubySec
added 2022/12/13 12:0 a.m.25 views

Improper neutralization of data URIs may allow XSS in Loofah

Summary Loofah = 2.1.0, = 2.19.1...

6.1CVSS3AI score0.00792EPSS
Exploits0References1Affected Software1
Huntr
Huntr
added 2022/06/06 8:54 p.m.33 views

Stored XSS via Deserialization of Stylesheets

Description Diagram files can contain stylesheets which basically consist of key value pairs that influence the appearance of digram elements. When adding a stylesheet mxStylesheet element it is possible to execute JavaScript code when used in combination with the internal include element. Usuall...

3.5CVSS1.6AI score0.00607EPSS
Exploits1
OSV
OSV
added 2022/05/14 2:48 a.m.21 views

GHSA-989H-WV8X-933P TYPO3 cross-site scripting (XSS)

The sanitizeLocalUrl function in TYPO3 6.x before 6.2.15, 7.x before 7.4.0, 4.5.40, and earlier allows remote authenticated users to bypass the XSS filter and conduct cross-site scripting XSS attacks via a base64 encoded data URI, as demonstrated by the 1 returnUrl parameter to showrechis.php and...

3.5CVSS4.6AI score0.02006EPSS
Exploits3References7
OSV
OSV
added 2021/12/13 6:15 p.m.4 views

PYSEC-2021-852

lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant...

8.2CVSS5.8AI score0.02456EPSS
Exploits0References4
OSV
OSV
added 2021/12/13 6:14 p.m.2 views

GHSA-55X5-FJ6C-H6M8 lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through

Impact The HTML Cleaner in lxml.html lets certain crafted script content pass through, as well as script content in SVG files embedded using data URIs. Users that employ the HTML cleaner in a security relevant context should upgrade to lxml 4.6.5. Patches The issue has been resolved in lxml 4.6.5...

8.2CVSS6.5AI score0.02456EPSS
Exploits0References17
Hacker One
Hacker One
added 2021/11/11 1:59 p.m.17 views

Judge.me : Stored XSS in Public Profile Reviews

A stored XSS vulnerability was found in the public profile review section of a platform. Attackers could add a product description with a data URI XSS payload in HTML format, which would execute when a user clicked on the HTML tag. This could lead to the execution of arbitrary code in the victim'...

6.4AI score
Exploits0
OpenVAS
OpenVAS
added 2021/11/11 12:0 a.m.20 views

Mozilla Firefox Security Advisory (MFSA2015-141) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

5CVSS9.5AI score0.02543EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2021/07/26 12:0 a.m.13 views

Qyrr < 0.7 - Authenticated (contributor+) Stored XSS

The plugin does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the datauritometa AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce available to users with a role ...

1.1AI score0.00218EPSS
Exploits2Affected Software1
CVE
CVE
added 2021/03/10 3:50 p.m.60 views

CVE-2020-1918

CVE-2020-1918 affects HHVM: reading memory prior to the in‑memory buffer via fopen on a data URI due to improper restriction of negative seeking. Affected versions include HHVM before 4.56.3, 4.57.0–4.80.1, 4.81.0–4.93.1, and 4.94.0–4.98.0. The provided documents do not specify a final patched ve...

7.5CVSS7.5AI score0.01218EPSS
Exploits0References2Affected Software1
ossfuzz
ossfuzz
added 2020/09/05 11:57 p.m.22 views

minify:minify-data-uri-fuzzer: Crash with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=6587409154965504 Project: minify Fuzzing Engine: libFuzzer Fuzz Target: minify-data-uri-fuzzer Job Type: libfuzzerasanminify Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x0000074d94b4 Crash State: NULL Sanitizer: address ASAN...

6.8AI score
Exploits0Affected Software1
Hacker One
Hacker One
added 2020/06/19 2:40 a.m.21 views

Mail.ru: Data URI Stored XSS on Donations Page

XSS in donationalerts.com on donations page while previewing the text data:text/html;base64,PHNjcmlwdD5hbGVydCgiWFNTIEhlcmUiKTs8L3NjcmlwdD4K...

2.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/01/20 12:0 a.m.61 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0003)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive...

8.8CVSS8.4AI score0.06707EPSS
Exploits6References15
OSV
OSV
added 2020/01/08 9:15 p.m.4 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1CVSS7AI score0.00809EPSS
Exploits0References2
NVD
NVD
added 2020/01/08 9:15 p.m.20 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1CVSS5.8AI score0.00809EPSS
Exploits0References2
Prion
Prion
added 2020/01/08 9:15 p.m.16 views

Cross site scripting

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

5.8CVSS5.5AI score0.00809EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2020/01/08 8:15 p.m.23 views

CVE-2019-11761

By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox 70,...

5.8CVSS6.3AI score0.00791EPSS
Exploits0References6
OSV
OSV
added 2020/01/08 8:15 p.m.3 views

DEBIAN-CVE-2019-11761

By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox 70,...

5.4CVSS7AI score0.00791EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/01/08 8:4 p.m.30 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.5AI score0.00809EPSS
Exploits0References2
CVE
CVE
added 2020/01/08 8:4 p.m.173 views

CVE-2019-17000

CVE-2019-17000 affects Firefox versions older than 70. A CSP bypass exists where an object tag with a data: URI did not inherit the parent document’s Content Security Policy in cross-origin frames, potentially allowing inline-script execution in protected documents. Root cause: CSP not correctly ...

6.1CVSS6.3AI score0.00809EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2020/01/08 8:4 p.m.45 views

CVE-2019-17000

An object tag with a data URI did not correctly inherit the document's Content Security Policy. This allowed a CSP bypass in a cross-origin frame if the document's policy explicitly allowed data: URIs. This vulnerability affects Firefox 70...

6.1CVSS8AI score0.00809EPSS
Exploits0
Rows per page
Query Builder