88 matches found
Design/Logic Flaw
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0...
Mail.ru: Insecure storage of private files
"Send to myself" activity of Mail.ru Mail application for Android could be locally manipulated via external content provider to access the files in application folder...
CVE-2015-5961
The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server...
IBM Business Process Manager Security Bypass Vulnerability
IBM Business Process Manager BPM is a comprehensive set of business process management platform from IBM in the United States. The platform provides a range of tools related to process modeling, assembly, monitoring and deployment for business. A security vulnerability exists in IBM BPM versions...
Microsoft Outlook for Mac information leakage
External content is requested during message parsing...
Implement security sanitization of RSS feeds and other included content
A great improvement for RSS macros would be to implement "cleansing" or "sanitization" of external RSS feeds. This may be something that is configured at the admin level or in the macro level -- I'd prefer it to be a global admin requirement. Having externally linked content is a security risk, a...
Implement security sanitization of RSS feeds and other included content
A great improvement for RSS macros would be to implement "cleansing" or "sanitization" of external RSS feeds. This may be something that is configured at the admin level or in the macro level -- I'd prefer it to be a global admin requirement. Having externally linked content is a security risk, a...
Security update 1970-01-01
...