2 matches found
Xxe
MailEnable Enterprise Premium 10.23 was vulnerable to XML External Entity Injection XXE attacks that could be exploited by an unauthenticated user. It was possible for an attacker to use a vulnerability in the configuration of the XML processor to read any file on the host system. Because all...
X (Formerly Twitter): Twitter lite(Android): Vulnerable to local file steal, Javascript injection, Open redirect
Summary: com.twitter.android.lite.TwitterLiteActivity is set to exported and doesn't validate data pass to intent due to which this activity vulnerable to steal users local files, javascript injection and open redirect. Description: com.twitter.android.lite.TwitterLiteActivity is set to exported ...