39 matches found
[SECURITY] [DSA 4643-1] python-bleach security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4643-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 20, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4643-1] python-bleach security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4643-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 20, 2020 https://www.debian.org/security/faq -...
Debian DSA-4636-1 : python-bleach - security update
It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when'noscript' and one or more raw text tags were whitelisted. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
[SECURITY] Fedora 27 Update: python-bleach-2.1.3-1.fc27
Bleach is an HTML sanitizing library that escapes or strips markup and attributes based on a white list...
[SECURITY] Fedora 28 Update: python-bleach-2.1.3-1.fc28
Bleach is an HTML sanitizing library that escapes or strips markup and attributes based on a white list...
IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass
No description provided by source. toStaticHTML: The Second Encounter CVE-2012-1858 HTML Sanitizing Bypass - CVE-2012-1858http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858 Original advisory -...
FreeBSD : typo3 -- Multiple vulernabilities in TYPO3 Core (48bcb4b2-e708-11e1-a59d-000d601460a4)
Typo Security Team reports : It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Information Disclosure, Insecure Unserialize leading to Arbitrary Code Execution. TYPO3 Backend Help System - Due to a missing signature HMAC for a parameter in the viewhelp.php file, an...
Several Vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Information Disclosure, Insecure Unserialize leading to Arbitrary Code Execution Component Type: TYPO3 Core Affected Versions: 4.5.0 up to 4.5.18, 4.6.0 up to 4.6.11, 4.7.0 up to 4.7.3 and development releases of the 6....
typo3 -- Multiple vulernabilities in TYPO3 Core
Typo Security Team reports: It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Information Disclosure, Insecure Unserialize leading to Arbitrary Code Execution. TYPO3 Backend Help System - Due to a missing signature HMAC for a parameter in the viewhelp.php file, an...
Microsoft Internet Explorer 9 SharePoint Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037MS12-039MS12-050)
Microsoft Internet Explorer 9 SharePoint Lync - toStaticHTML HTML Sanitizing Bypass MS12-037MS12-039MS12-050 toStaticHTML: The Second Encounter CVE-2012-1858 HTML Sanitizing Bypass - CVE-2012-1858 Original advisory -...
Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037/MS12-039/MS12-050)
toStaticHTML: The Second Encounter CVE-2012-1858 HTML Sanitizing Bypass - CVE-2012-1858 Original advisory - http://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html Introduction The toStaticHTML component,...
IE9 / SharePoint / Lync toStaticHTML HTML Sanitizing Bypass
Exploit for windows platform in category dos / poc toStaticHTML: The Second Encounter CVE-2012-1858 HTML Sanitizing Bypass - CVE-2012-1858 Original advisory -...
toStaticHTML HTML Sanitizing Bypass
toStaticHTML: The Second Encounter CVE-2012-1858 HTML Sanitizing Bypass - CVE-2012-1858 Original advisory - http://blog.watchfire.com/wfblog/2012/07/tostatichtml-the-second-encounter-cve-2012-1858-html-sanitizing-information-disclosure-introduction-t.html Introduction The toStaticHTML component,...
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing
No description provided by source. Name: Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information \ Disclosure Vulnerability Author: Adi Cohen of IBM Rational Application Security [email protected] Date: June 14, 2011 Risk: Medium CVE: CVE-2011-1252 Introduction ------------- The...
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure
Name: Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability Author: Adi Cohen of IBM Rational Application Security [email protected] Date: June 14, 2011 Risk: Medium CVE: CVE-2011-1252 Introduction ------------- The JavaScript function toStaticHTML, which i...
Microsoft Internet Explorer toStaticHTML Information Disclosure
Name: Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability Author: Adi Cohen of IBM Rational Application Security [email protected] Date: June 14, 2011 Risk: Medium CVE: CVE-2011-1252 Introduction ------------- The JavaScript function toStaticHTML, which i...
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability that affects the 'toStaticHTML' API. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya...
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability that affects the 'toStaticHTML' API. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya Aura...
Microsoft Internet Explorer Multiple Vulnerabilities (982381)
This host is missing a critical security update according to Microsoft Bulletin MS10-035. OpenVAS Vulnerability Test $Id: secpodms10-035.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 982381 Authors: Antu Sanadi Updated By: Madhuri D on 2010-11-15 -...