Lucene search
K

12 matches found

NVD
NVD
added 2026/06/10 11:16 p.m.10 views

CVE-2026-42558

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.2, a vulnerability chain consisting of Stored XSS and Iframe Sandbox escape in the Xibo CMS allows users with DataSet permissions to use the Data Connector...

7.6CVSS0.0011EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 9:39 p.m.28 views

CVE-2026-42558 Xibo Vulnerable to Stored XSS and Iframe Sandbox Escape via Data Connector Script in DataSet

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.2, a vulnerability chain consisting of Stored XSS and Iframe Sandbox escape in the Xibo CMS allows users with DataSet permissions to use the Data Connector...

7.6CVSS0.0011EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 9:39 p.m.19 views

EUVD-2026-36170

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.2, a vulnerability chain consisting of Stored XSS and Iframe Sandbox escape in the Xibo CMS allows users with DataSet permissions to use the Data Connector...

7.6CVSS5.3AI score0.0011EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 1:23 p.m.29 views

CVE-2026-47901 Iframe escape by plugins in Logseq

Logseq is vulnerable to a sandbox escape flaw where plugins running in sandboxed iframes can inject arbitrary HTML attributes, such as event handlers, into their container element in the host DOM. Due to a disabled Content Security Policy CSP, this allows a malicious plugin to execute arbitrary...

4.6CVSS0.00139EPSS
Exploits0References2
NVD
NVD
added 2025/12/30 2:16 a.m.4 views

CVE-2025-69234

Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment...

9.1CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/30 1:18 a.m.26 views

CVE-2025-69234

Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment...

0.0025EPSS
Exploits0References1
CVE
CVE
added 2025/12/30 1:18 a.m.15 views

CVE-2025-69234

Affected software: Whale browser (pre-4.35.351.12). Vulnerability: iframe sandbox escape in a sidebar environment. Root cause / impact: An attacker could escape the iframe sandbox, potentially bypassing security restrictions associated with the sandboxed context. The CVE entry and connected advis...

9.1CVSS6.5AI score0.0025EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.6 views

PT-2025-53834

Name of the Vulnerable Software and Affected Versions Whale browser versions prior to 4.35.351.12 Description The Whale browser is susceptible to an iframe sandbox escape in a sidebar environment. An attacker can leverage this to bypass security restrictions imposed by the iframe sandbox...

9.1CVSS6.6AI score0.0025EPSS
Exploits0References6
NVD
NVD
added 2025/10/16 7:15 a.m.8 views

CVE-2025-62583

Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment...

9.8CVSS0.00458EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-9225

Malware in sbrugna...

9.6CVSS9.2AI score0.01487EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 6:23 p.m.4 views

CVE-2021-23957

Navigations through the Android-specific intent URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 85...

7.4CVSS6.3AI score0.00793EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:45 a.m.3 views

SUSE CVE-2021-23957

Navigations through the Android-specific intent URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 85...

7.4CVSS8.6AI score0.00793EPSS
Exploits0References3
Rows per page
Query Builder