263 matches found
CVE-2021-34435
In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to trigger an RCE. This exploit only happens if a user previews a malicious file...
Design/Logic Flaw
In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to trigger an RCE. This exploit only happens if a user previews a malicious file...
CVE-2021-37152
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications...
CVE-2021-37152
Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications...
CVE-2020-29071
An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. The issue arises from the insecure rendering of HTML files uploaded to the platform as attachments, when the -htmlview URL is directly accessed. The impact ranges from executing commands as root on the server to retrieving...
CVE-2020-29071
An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. The issue arises from the insecure rendering of HTML files uploaded to the platform as attachments, when the -htmlview URL is directly accessed. The impact ranges from executing commands as root on the server to retrieving...
Amazon Linux AMI : libxml2 (ALAS-2020-1415)
The version of libxml2 installed on the remote host is prior to 2.9.1-6.4.40. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1415 advisory. A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 wh...
CVE-2019-19210
Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files...
UBUNTU-CVE-2019-19210
Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files...
CVE-2019-15614
Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files...
CVE-2019-15614
Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files...
CVE-2015-9501
The Artificial Intelligence theme before 1.2.4 for WordPress has XSS because Genericons HTML files are unnecessarily placed under the web root...
Total.js CMS Path Traversal Vulnerability
Total.js CMS is a Node.js content management system. Total.js CMS 12.0.0 suffers from a path traversal vulnerability that can be exploited by an attacker to include .html files outside of a restricted directory...
CVE-2019-15952
Total.js CMS 12.0.0 contains a path traversal vulnerability exploitable by an authenticated user with the Pages privilege to include outside-directory .html files. If a page contains a template directive, it is server-side processed, enabling an attacker who can control the content of a .html fil...
Mozilla: Same-origin policy treats all files in a directory as having the same-origin
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and...
Foxit PhantomPDF < 8.3.10, 9.x < 9.5 Multiple Vulnerabilities (Jun 2019) - Windows
Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:phantompdf";...
Information Disclosure
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
USN-3841-2: lxml vulnerability
USN-3841-1 fixed a vulnerability in lxml. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that lxml incorrectly handled certain HTML files. An attacker could possibly use this issue to conduct cross-site scripting XSS attacks...
GHSA-7RR7-RCJW-56VJ Exposure of Sensitive Information to an Unauthorized Actor in activestorage
A bypass vulnerability in Active Storage = 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as...
Design/Logic Flaw
A bypass vulnerability in Active Storage = 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as...