Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44198

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filter videos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...

6.4CVSS5.8AI score0.00291EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2022/12/15 4:19 p.m.5 views

Mozilla: Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content

The Mozilla Foundation Security Advisory describes this flaw as: If a Thunderbird user quoted from an HTML email and the email contained either a video tag with the poster attribute or an object tag with a data attribute, a network request to the referenced remote URL was performed regardless of ...

8.1CVSS7.5AI score0.00768EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2010/11/04 12:0 a.m.16 views

FreeBSD : OTRS -- Multiple XSS and denial of service vulnerabilities (96e776c7-e75c-11df-8f26-00151735203a)

OTRS Security Advisory reports : - Multiple Cross Site Scripting issues : Missing HTML quoting allows authenticated agents or customers to inject HTML tags. This vulnerability allows an attacker to inject script code into the OTRS web-interface which will be loaded and executed in the browsers of...

3.5CVSS5.5AI score0.01891EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.22 views

Debian DSA-249-1 : w3mmee - missing HTML quoting

Hironori Sakamoto, one of the w3m developers, found two security vulnerabilities in w3m and associated programs. The w3m browser does not properly escape HTML tags in frame contents and img alt attributes. A malicious HTML frame or img alt attribute may deceive a user to send their local cookies...

5CVSS5.3AI score0.02478EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.24 views

Debian DSA-250-1 : w3mmee-ssl - missing HTML quoting

Hironori Sakamoto, one of the w3m developers, found two security vulnerabilities in w3m and associated programs. The w3m browser does not properly escape HTML tags in frame contents and img alt attributes. A malicious HTML frame or img alt attribute may deceive a user to send their local cookies...

5CVSS5.3AI score0.02478EPSS
Exploits0References3
Debian
Debian
added 2003/02/14 3:46 p.m.19 views

[SECURITY] [DSA 251-1] New w3m packages fix cookie information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 251-1 [email protected] http://www.debian.org/security/ Martin Schulze February 14th, 2003 http://www.debian.org/security/faq -...

5CVSS0.1AI score0.02478EPSS
Exploits0
Debian
Debian
added 2003/02/13 1:57 p.m.18 views

[SECURITY] [DSA 250-1] New w3mmee-ssl packages fix cookie information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 250-1 [email protected] http://www.debian.org/security/ Martin Schulze February 12th, 2003 http://www.debian.org/security/faq -...

6AI score
Exploits0
Debian
Debian
added 2003/02/13 1:57 p.m.22 views

[SECURITY] [DSA 250-1] New w3mmee-ssl packages fix cookie information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 250-1 [email protected] http://www.debian.org/security/ Martin Schulze February 12th, 2003 http://www.debian.org/security/faq -...

5CVSS0.1AI score0.02478EPSS
Exploits0
Debian
Debian
added 2003/02/11 1:33 p.m.25 views

[SECURITY] [DSA 249-1] New w3mmee packages fix cookie information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 249-1 [email protected] http://www.debian.org/security/ Martin Schulze February 11th, 2003 http://www.debian.org/security/faq -...

5CVSS0.2AI score0.02478EPSS
Exploits0
Debian
Debian
added 2003/02/11 1:33 p.m.20 views

[SECURITY] [DSA 249-1] New w3mmee packages fix cookie information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 249-1 [email protected] http://www.debian.org/security/ Martin Schulze February 11th, 2003 http://www.debian.org/security/faq -...

6AI score
Exploits0
securityvulns
securityvulns
added 2003/02/11 12:0 a.m.34 views

[SECURITY] [DSA 249-1] New w3mmee packages fix cookie information leak

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 249-1 [email protected] http://www.debian.org/security/ Martin Schulze February 11th, 2003 http://www.debian.org/security/faq -...

5CVSS0.1AI score0.02478EPSS
Exploits0
Rows per page
Query Builder