31 matches found
CVE-2025-69848
NetBox contains a reflected XSS in ProtectedError handling within versions 2.11.0–3.7.x. Object names are injected into HTML error messages without proper escaping, allowing user-controlled content to be rendered in the web UI when a delete operation fails due to protected relationships. Impact i...
EUVD-2004-2392
Malware in sbrugna...
EUVD-2000-0617
Malware in sbrugna...
PT-2024-12991 · Motorola · Motorola Ota Update Application
Name of the Vulnerable Software and Affected Versions: Motorola OTA update application affected versions not specified Description: An improper export issue in the Motorola OTA update application could allow a malicious, local application to inject an HTML-based message on the screen UI...
Motorola OTA Security Breach
Motorola OTA is a software update service via wireless signal from Motorola USA. A security vulnerability exists in Motorola OTA that stems from the presence of an incorrect export vulnerability that could allow a malicious native application to inject HTML-based messages on the screen UI...
Security update for alpine (moderate)
openSUSE Security Update: Security update for alpine Announcement ID: openSUSE-SU-2021:0695-1 Rating: moderate References: 1173281 Cross-References: CVE-2020-14929 CVSS scores: CVE-2020-14929 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-14929 SUSE: 7.5...
CVE-2020-12625
An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting XSS vulnerability in rcubewashtml.php because JavaScript code can occur in the CDATA of an HTML message...
DEBIAN-CVE-2020-12625
An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting XSS vulnerability in rcubewashtml.php because JavaScript code can occur in the CDATA of an HTML message...
CVE-2020-12625
An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting XSS vulnerability in rcubewashtml.php because JavaScript code can occur in the CDATA of an HTML message...
CVE-2020-12625
An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting XSS vulnerability in rcubewashtml.php because JavaScript code can occur in the CDATA of an HTML message...
CVE-2020-12625
CVE-2020-12625 concerns Roundcube Webmail up to version 1.4.3, with a cross-site scripting (XSS) vulnerability in rcube_washtml.php that allows JavaScript in HTML message CDATA to be executed. Public advisories (e.g., Ubuntu USN-5182-1, Debian DSA-4674-1, openSUSE openSUSE-2020-1516) confirm the ...
CVE-2020-12625
An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting XSS vulnerability in rcubewashtml.php because JavaScript code can occur in the CDATA of an HTML message...
Restriction Bypass
SeaMonkey is vulnerable to Restriction Bypass. A flaw was found in SeaMonkey Messenger triggered when a HTML message contained a remote image pointing to a XBL script. An attacker could have created a carefully crafted message which would execute Javascript if certain actions were performed on th...
Fedora 28 : thunderbird-enigmail (2018-22c1b7e738)
Update to 2.0.8 : - A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed and/or encrypted. - Changelog: https://enigmail.net/index.php/en/download/changelog Note that Tenable Network Security has extracted...
SUSE-SU-2018:2641-1 Security update for enigmail
This update for enigmail to 2.0.8 fixes the following issues: The enigmail 2.0.8 release addresses a security issue and solves a few regression bugs. A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed...
Fedora 27 : thunderbird-enigmail (2018-eacf5a9ce8)
Update to 2.0.8 : - A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed and/or encrypted. - Changelog: https://enigmail.net/index.php/en/download/changelog Note that Tenable Network Security has extracted...
Recommended update for enigmail (moderate)
This update for enigmail to 2.0.8 fixes the following issues: The enigmail 2.0.8 release addresses a security issue and solves a few regression bugs. A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed...
Recommended update for enigmail (moderate)
This update for enigmail to 2.0.8 fixes the following issues: The enigmail 2.0.8 release addresses a security issue and solves a few regression bugs. A security issue has been fixed that allows an attacker to prepare a plain, unauthenticated HTML message in a way that it looks like it's signed...
Merak Mail Server 7.4.5 HTML Message Body XSS
漏洞描述: Merak Webmail Server 5.2.7版本中存在多个跨站脚本XSS漏洞。远程攻击者可以通过category, cserver, ext, global,showgroups, address.html中的showlite参数,或者spage 或者 settings.html中的autoresponder参数,readmail.html中的folder参数,或者 attachment.html中的attachmentpagetexterror参数 folder, ct, 或者 calendar.html中的 cv 参数, 标签,...
Moderate: Red Hat Security Advisory: thunderbird security update
An updated thunderbird package that fixes one security issue is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...