Cross site scripting

A vulnerability was found in Custom-Content-Width 1.0. It has been declared as problematic. Affected by this vulnerability is the function overridecontentwidth/registersettings of the file custom-content-width.php. The manipulation leads to cross site scripting. The attack can be launched remotel...

previewWithdraw() in AutoPxGlp and AutoPxGmx doesn't rounds up when calculating corresponding shares for assets, even so they are overrides previewWithdraw() in PirexERC4626 which rounds up and withdraw() in all 3 contract assumes and depends on previewWithdraw() to rounds up

Lines of code Vulnerability details Impact Contracts AutoPxGlp and AutoPxGmx extends PirexERC4626 and function withdraw and previewWithdraw has been overridden in those contracts. withdraw uses function previewWithdraw to calculate number of shares need to burn for corresponding amount of assets...

Brave Software: Sending arbitrary IPC messages via overriding Function.prototype.apply

Summary: Brave Browser allows to overwrite the internal js code from the user js code. Using this behavior, an attacker can send arbitrary IPC messages and do UXSS, address bar spoofing, changing browser settings and so on. This bug is similar to 187542. Tested on: Brave 0.12.11 Steps To Reproduc...