5124 matches found
Quiz and Survey Master < 8.0.5 - Unauthenticated iFrame Injection
The plugin does not sanitise and escape the questionid parameter, which could allow unauthenticated users to perform iFrame injection attack...
WordPress plugin Appointment Hour Booking 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An iFrame injection...
WordPress plugin Quiz and Survey Master 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Quiz and...
PT-2022-25355 · WordPress · Appointment Hour Booking
Name of the Vulnerable Software and Affected Versions: Appointment Hour Booking plugin for WordPress versions up to, and including, 1.3.72 Description: The issue arises from insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject iFrame tags via the email...
Appointment Hour Booking < 1.3.73 - Unauthenticated iFrame Injection
The plugin does not sanitise and escape the email and general field parameters, which could allow unauthenticated users to perform iFrame injection attack PoC As an unauthenticated user, submit a booking and put an iFrame payload in the email/general field parameter The iFrame will be executed wh...
PT-2022-25346 · WordPress · Quiz/Survey Master
Name of the Vulnerable Software and Affected Versions: Quiz and Survey Master plugin for WordPress versions up to, and including, 8.0.4 Description: The issue arises from insufficient input sanitization and output escaping, allowing iframe tags to be injected via the questionid parameter. This...
Appointment Hour Booking < 1.3.73 - Unauthenticated iFrame Injection
The plugin does not sanitise and escape the email and general field parameters, which could allow unauthenticated users to perform iFrame injection attack As an unauthenticated user, submit a booking and put an iFrame payload in the email/general field parameter The iFrame will be executed when a...
Oracle Linux 9 : thunderbird (ELSA-2022-8561)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-8561 advisory. 102.5.0-2.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.5.0-2 - Update to 102.5.0 build2 102.5.0-1 -...
Oracle Linux 9 : firefox (ELSA-2022-8580)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-8580 advisory. 102.5.0-1.0.1 - Updated homepages to use https Orabug: 34648274 102.5.0-1 - Update to 102.5.0 build1 102.4.0-1 - Update to 102.4.0 build1 102.3.0-7 - F...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...
Mozilla: Iframe contents could be rendered outside the iframe
The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...