8 matches found
EUVD-2008-7143
Malware in sbrugna...
Diigo Toolbar and Diigolet Comment Feature - HTML Injection and Information Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/29611/info Diigo Toolbar and Diigolet are prone to an HTML-injection vulnerability and an information-disclosure vulnerability when handling data via the 'comment' feature. An attacker can exploit the HTML-injection issue...
CVE-2008-7184
Cross-site scripting XSS vulnerability in Diigo Toolbar and Diigolet allows remote attackers to inject arbitrary web script or HTML via a public comment...
CVE-2008-7184
CVE-2008-7184 describes a cross-site scripting (XSS) vulnerability in the Diigo Toolbar and Diigolet, where remote attackers can inject arbitrary Web script or HTML via a public comment. The available sources confirm the issue as an XSS flaw in the Diigo suite, enabling script injection in contex...
Diigo Toolbar crossite scripting
Crossite scripting with publiс comments...
diigo-xss.txt
Diigo Toolbar - Global XSS and Information Leakage in SSL URLs == Global XSS == Diigo is http://www.diigo.com/ a social bookmarking and sharing application which allows users to see other users comments and notes for every website. For this feature users should use Diigolet bookmarklet or Diigo...
Diigo Toolbar and Diigolet Comment Feature - HTML Injection Information Disclosure
Diigo Toolbar and Diigolet Comment Feature - HTML Injection Information Disclosure source: https://www.securityfocus.com/bid/29611/info Diigo Toolbar and Diigolet are prone to an HTML-injection vulnerability and an information-disclosure vulnerability when handling data via the 'comment' feature...
Diigo Toolbar and Diigolet Comment Feature - HTML Injection / Information Disclosure
source: https://www.securityfocus.com/bid/29611/info Diigo Toolbar and Diigolet are prone to an HTML-injection vulnerability and an information-disclosure vulnerability when handling data via the 'comment' feature. An attacker can exploit the HTML-injection issue to run arbitrary HTML and script...