8 matches found
EUVD-2012-3936
Malware in sbrugna...
RHEL 10 : command-line-assistant (RHSA-2025:16345)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16345 advisory. The command-line-assistant package provides a simple wrapper to interact with RAG. Security Fix: command-line-assistant: Improper Access Control in...
Hypermedia and Browser Enhancement
Front end development these days is dominated by large JavaScript client side frameworks. There are plenty of good reasons for that, but it can be very inefficient for many use cases, and the framework engineering has become extremely complex. In this article, I want to explore a different...
CVE-2012-3992
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting XSS attacks or obtain sensitive POST content via...
CVE-2012-3992
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly manage history data, which allows remote attackers to conduct cross-site scripting XSS attacks or obtain sensitive POST content via...
Adobe Flex 3历史管理'historyFrame.html'跨站脚本漏洞
BUGTRAQ ID: 29778 CVE ID:CVE-2008-2640 CNCVE ID:CNCVE-20082640 Adobe Flex 3是一款开发富网络应用的工具。 Adobe Flex 3历史管理功能存在跨站脚本问题,远程攻击者可以利用漏洞获得敏感信息。 Adobe Flex 3历史管理功能存在输入验证错误,historyFrame.html脚本对用户提交的参数缺少过滤,提交恶意脚本代码,并诱使用户访问,可导致获得目标用户敏感信息。 Adobe Flex SDK 3.0.1 Adobe Flex Builder 3 Adobe Flex 3.0 升级程序: Adobe...
Adobe Flex 3历史管理historyFrame.html跨站脚本漏洞
BUGTRAQ ID: 29778 CVECAN ID: CVE-2008-2640 Adobe Flex 3是用于构建和维护Web应用程序的高效开放源码框架。 Flex 3的历史管理功能所使用的historyFrame.html页面没有正确地过滤某些用户输入便返回给了用户,这允许远程攻击者通过提交恶意请求执行跨站脚本攻击,导致在用户浏览器会话中执行任意HTML和脚本代码。 0 Adobe Flex Builder 3 Adobe Flex 3.0.1 SDK Adobe ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: a...
Adobe Flex 3 History Management historyFrame.html XSS
The remote host contains one or more HTML documents associated with Adobe Flex 3's History Management Feature and affected by a DOM-based cross-site scripting vulnerability. Due to its failure to sanitize user input, an attacker may be able to leverage this issue to inject arbitrary HTML and scri...