Lucene search
K

13 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 9:20 a.m.8 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS6.8AI score0.00495EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.10 views

Astra Linux – Vulnerability in Firefox, Thunderbird

The Enhanced Tracking Protection’s Strict mode may have inadvertently allowed a CSP frame-src bypass and DOM-based XSS attacks through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames disguised as legitimate content. This...

6.1CVSS6.7AI score0.00495EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/12/05 11:18 a.m.2 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/12/03 2:5 p.m.2 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/12/03 11:34 a.m.4 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/12/03 6:35 a.m.4 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/12/02 5:16 p.m.21 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/12/02 4:56 p.m.6 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/12/02 11:44 a.m.4 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/12/02 1:57 a.m.5 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/12/02 1:28 a.m.2 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS7.2AI score0.00495EPSS
Exploits0References10
OSV
OSV
added 2019/09/12 8:15 p.m.6 views

AZL-6972 CVE-2019-16275 affecting package wpa_supplicant for versions less than 2.9-4

hostapd before 2.10 and wpasupplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF aka management frame protection. The attacker must send a...

6.5CVSS6.7AI score0.01214EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2006/07/20 1:41 p.m.3 views

security flaw

Cross-site scripting XSS vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into 1 performing a "View Image" on a broken image in which the SRC attribute contains a Javascript URL, or 2 selecting "Show on...

4.3CVSS5.9AI score0.01548EPSS
Exploits0References4
Rows per page
Query Builder