15 matches found
EUVD-2008-7143
Malware in sbrugna...
secure.diigo.com XSS vulnerability
Vulnerable URL: https://secure.diigo.com/sign-in?referInfo=%27%22--!%3E%3CScript%20/K/%3EconfirmOPENBUGBOUNTY%3C/Script%20/K/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
diigo.com XSS vulnerability
Open Bug Bounty ID: OBB-190248 Description| Value ---|--- Affected Website:| diigo.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
diigo.com XSS vulnerability
Vulnerable URL: https://www.diigo.com/";alert'OPENBUGBOUNTY';" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3954 VIP website status:| Yes Check diigo.com SSL connection:| Grade: C Coordinated Disclosure...
Diigo Toolbar and Diigolet Comment Feature - HTML Injection and Information Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/29611/info Diigo Toolbar and Diigolet are prone to an HTML-injection vulnerability and an information-disclosure vulnerability when handling data via the 'comment' feature. An attacker can exploit the HTML-injection issue...
Unfixed XSS vulnerability at secure.diigo.com
Security researcher XSSTORM, has submitted on 11/11/2011 a cross-site-scripting XSS vulnerability affecting secure.diigo.com, which at the time of submission ranked 1491 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currentl...
CVE-2008-7184
Cross-site scripting XSS vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment...
Cross site scripting
Cross-site scripting XSS vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment...
CVE-2008-7184
CVE-2008-7184 describes a cross-site scripting (XSS) vulnerability in the Diigo Toolbar and Diigolet, where remote attackers can inject arbitrary Web script or HTML via a public comment. The available sources confirm the issue as an XSS flaw in the Diigo suite, enabling script injection in contex...
CVE-2008-7184
Cross-site scripting XSS vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment...
Diigo Toolbar crossite scripting
Crossite scripting with publiс comments...
Diigo Toolbar - Global XSS and Information Leakage in SSL URLs
Diigo Toolbar - Global XSS and Information Leakage in SSL URLs == Global XSS == Diigo is http://www.diigo.com/ a social bookmarking and sharing application which allows users to see other users comments and notes for every website. For this feature users should use Diigolet bookmarklet or Diigo...
Diigo Toolbar and Diigolet Comment Feature - HTML Injection / Information Disclosure
source: https://www.securityfocus.com/bid/29611/info Diigo Toolbar and Diigolet are prone to an HTML-injection vulnerability and an information-disclosure vulnerability when handling data via the 'comment' feature. An attacker can exploit the HTML-injection issue to run arbitrary HTML and script...
Diigo Toolbar and Diigolet Comment Feature - HTML Injection Information Disclosure
Diigo Toolbar and Diigolet Comment Feature - HTML Injection Information Disclosure source: https://www.securityfocus.com/bid/29611/info Diigo Toolbar and Diigolet are prone to an HTML-injection vulnerability and an information-disclosure vulnerability when handling data via the 'comment' feature...
diigo-xss.txt
Diigo Toolbar - Global XSS and Information Leakage in SSL URLs == Global XSS == Diigo is http://www.diigo.com/ a social bookmarking and sharing application which allows users to see other users comments and notes for every website. For this feature users should use Diigolet bookmarklet or Diigo...