CVE-2024-50346 WebFeed HTML injection vulnerabilities

WebFeed is a lightweight web feed reader extension for Firefox/Chrome. Multiple HTML injection vulnerabilities in WebFeed can lead to CSRF and UI spoofing attacks. A remote attacker can provide malicious RSS feeds and attract the victim user to visit it using WebFeed. The attacker can then inject...

CVE-2024-4460

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

ClearURLs - An Add-On Based On The New WebExtensions Technology And Will Automatically Remove Tracking Elements From URLs To Help Protect Your Privacy

ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This extension will automatically remove tracking elements from URLs to help protect your privacy when browse through the Internet, which is regularly updated by us and can be...

Feature and Permission Policies. Security issues

Introduction In order to help enhance the user experience of their site, companies may ask to use features of your browser, such as geolocation or notifications to produce a more tailored experience. Web site developers may configure the site or allow third-party content, loaded in frames, to use...

Ubiquiti Inc.: [scores.ubnt.com] DOM based XSS at form.html

Hello, I would like to report that the 130889 bug hasn't been fixed completely. The removeTags function has been added, however an attacker is still able to inject Javascript as parameter values without any HTML tags:...