5118 matches found
CVE-2017-7788
When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's Content Security Policy CSP as it should unless the sandbox attribute included "allow-same-origin". This vulnerability affects Firefox 55...
CVE-2017-7788
When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's Content Security Policy CSP as it should unless the sandbox attribute included "allow-same-origin". This vulnerability affects Firefox 55...
CVE-2017-7787
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...
CVE-2017-7791
On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox ...
CVE-2017-5391
Special "about:" pages used by web content, such as RSS feeds, can load privileged "about:" pages in an iframe. If a content-injection bug were found in one of those pages this could allow for potential privilege escalation. This vulnerability affects Firefox 51...
accessify.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-630097 Description| Value ---|--- Affected Website:| accessify.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
pingoat.net IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-630061 Description| Value ---|--- Affected Website:| pingoat.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
kavarny.cz IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-628950 Description| Value ---|--- Affected Website:| kavarny.cz Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
IBM InfoSphere Information Server Cross-Frame Scripting Vulnerability
IBM InfoSphere Information Server is a data integration platform that includes a range of products that enable you to understand, cleanse, monitor, transform, and transfer data, as well as collaborate to bridge the gap between business and IT. A cross-framework scripting vulnerability exists in I...
osborneclarke.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-626289 Description| Value ---|--- Affected Website:| osborneclarke.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
CVE-2018-11680
An issue was discovered in CmsEasy 6.120180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is refreshed at a rapid rate...
Cross site request forgery (csrf)
An issue was discovered in CmsEasy 6.120180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is refreshed at a rapid rate...
CVE-2018-11680
An issue was discovered in CmsEasy 6.120180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is refreshed at a rapid rate...
CVE-2018-11680
An issue was discovered in CmsEasy 6.120180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is refreshed at a rapid rate...
ajbaker.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-625873 Description| Value ---|--- Affected Website:| ajbaker.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
cd1025.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-625799 Description| Value ---|--- Affected Website:| cd1025.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
CVE-2018-3755
XSS in sexstatic element used in directory name...
Design/Logic Flaw
XSS in sexstatic element used in directory name...
CVE-2018-3755
XSS in sexstatic element used in directory name...
CVE-2018-3755
XSS in sexstatic element used in directory name...