Lucene search
K

10 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

An attacker was able to insert an event handler into a privileged object, allowing arbitrary JavaScript execution in the parent process. Note: This vulnerability only affects Desktop Firefox; mobile versions of Firefox are not affected. This vulnerability applies to Firefox versions earlier than...

8.4CVSS8.1AI score0.047EPSS
Exploits0References2
NVD
NVD
added 2026/06/10 10:17 p.m.10 views

CVE-2026-53742

Simple Link Directory through 9.0.4 echoes embed shortcode attributes into HTML data attributes without escaping in the embedder template. Attackers with contributor access can craft a shortcode attribute that injects an event handler executing in a viewer's browser...

5.4CVSS0.00141EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.15 views

PT-2026-48556

Simple Link Directory through 9.0.4 echoes embed shortcode attributes into HTML data attributes without escaping in the embedder template. Attackers with contributor access can craft a shortcode attribute that injects an event handler executing in a viewer's browser...

5.4CVSS5.5AI score0.00141EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 4:22 p.m.10 views

EUVD-2026-35703

Svelte is a performance oriented web framework. Prior to version 5.55.7, when using spread syntax to render attributes from untrusted data, event handler properties are included in the rendered HTML output. If an application spreads user-controlled or external data as element attributes, an...

5CVSS5.5AI score0.00168EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.10 views

MCP Registry 跨站脚本漏洞

MCP Registry is an open-source MCP server application store developed by Model Context Protocol. Versions of MCP Registry prior to 1.7.7 contained a cross-site scripting vulnerability. This vulnerability originated from the public directory UI; server-side validation only checked whether the URL...

5.4CVSS5.8AI score0.00167EPSS
Exploits1References1
Amazon
Amazon
added 2024/04/01 12:0 a.m.5 views

Important: firefox

Issue Overview: AppendEncodedAttributeValue, ExtraSpaceNeededForAttrEncoding and AppendEncodedCharacters could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox 124, Firefox ESR 115.9, and...

8.8CVSS10AI score0.047EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2024/03/25 7:40 p.m.6 views

Mozilla: Privileged JavaScript Execution via Event Handlers

The Mozilla Foundation Security Advisory describes this flaw as: An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process...

8.4CVSS7.6AI score0.047EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/03/25 7:36 p.m.6 views

Mozilla: Privileged JavaScript Execution via Event Handlers

The Mozilla Foundation Security Advisory describes this flaw as: An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process...

8.4CVSS7.6AI score0.047EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/03/25 12:0 a.m.27 views

Debian dla-3775 : firefox-esr - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3775 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3775-1 [email protected]...

8.8CVSS7.7AI score0.047EPSS
Exploits4References22
Tenable Nessus
Tenable Nessus
added 2024/03/25 12:0 a.m.29 views

RHEL 8 : firefox (RHSA-2024:1490)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1490 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS7.8AI score0.047EPSS
Exploits4References23
Rows per page
Query Builder