The vulnerability of the Firefox browser allows a malicious attacker to compromise the confidentiality and integrity of protected information.

The vulnerability exists in Mozilla Firefox due to the incorrect implementation of the sandbox attribute for the IFRAME element. Exploiting this vulnerability allows malicious actors, operating remotely, to bypass content restrictions from a single same-origin source, by using a specially crafted...

The vulnerability of the Firefox browser, which allows a malicious actor to bypass domain restriction rules

The Mozilla Firefox browser contains a vulnerability related to errors in the implementation of class functions. Exploiting this vulnerability allows malicious actors to circumvent Domain Restrictions Policy SOP rules and gain access to confidential information through the use of IFrame elements...

The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious actor to bypass domain restriction rules

The Mozilla SeaMonkey browser contains a vulnerability related to errors in the implementation of class functions. Exploiting this vulnerability allows malicious actors to circumvent domain restriction policies SOP and gain access to confidential information through the use of IFRAME elements and...

Internet Explorer Malformed IFRAME Buffer Overflow - ver 2 (CVE-2004-1050)

Internet Explorer IE is a popular web browser developed by Microsoft corporation. A buffer overflow vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is in the way Microsoft Internet Explorer parses certain parameters of an IFRAME tag. An attacker can exploit this...

Bumble: Change contents of the careers iframe in https://corp.badoo.com/jobs

Hi again badoo team , In https://corp.badoo.com/jobs/?p= if you check the page you'll see an iframe from https://jobs.jobvite.com/badoo/ , the p parameter is used to control the iframe link for example if you added https://corp.badoo.com/jobs/?p=somepath the iframe link will be...

laposte.fr IFRAME Injection vulnerability

Vulnerable URL: http://www.laposte.fr/outilsuivi/web/suiviInterMetiers.php?method=json=null=%22%3E%3CIFRAME%20SRC=https://www.openbugbounty.org%20%20width=1200%20height=800%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Public...

nature.com IFRAME Injection vulnerability

Vulnerable URL: http://www.nature.com/wls/search-wls?criteria=%22%3E%3Ciframe%20src=%22https://www.openbugbounty.org%22%3E Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 11:21 GMT Vulnerability type:| IFRAME Injection Vulnerability status:|...

shertonenglish.com IFRAME Injection vulnerability

Vulnerable URL: http://www.shertonenglish.com/sections/search.php?q=%22%3E%3Ciframe+src%3D%22https%3A%2F%2Fwww.openbugbounty.org%22%3E=Search=partner-pub-0137545846373693%3A1150942152=FORID%3A10=UTF-8 Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:|...

Resurrection of the Evil Miner

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...

Resurrection of the Evil Miner

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...

Resurrection of the Evil Miner

At FireEye Labs, we recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME inline frame – an HTML document embedded inside another HTML document on a web page that allows users to get content from another separate sourc...

meteoconsult.fr IFRAME Injection vulnerability

Vulnerable URL: http://www.meteoconsult.fr/synthese-previsions-meteo.php?recherche=%22%3E%3Ciframe+src%3D%22https%3A%2F%2Fwww.openbugbounty.org%22%3E Details: Description| Value ---|--- Patched:| Yes, at 24.11.2017 Latest check for patch:| 24.11.2017 11:20 GMT Vulnerability type:| IFRAME Injectio...

meteoconsult.es IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-159983 Description| Value ---|--- Affected Website:| meteoconsult.es Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

meteoconsult.it IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-159985 Description| Value ---|--- Affected Website:| meteoconsult.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

weathercrave.co.uk IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-159984 Description| Value ---|--- Affected Website:| weathercrave.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

lachainemeteo.com IFRAME Injection vulnerability

Vulnerable URL: http://www.lachainemeteo.com/synthese-previsions-meteo.php?recherche=%22%3E%3Ciframe%20src=%22https://www.openbugbounty.org%22%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 09:59 GMT Vulnerability type:| IFRAME Injection...

railroads.unl.edu IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-159977 Description| Value ---|--- Affected Website:| railroads.unl.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

edumedia-share.com IFRAME Injection vulnerability

Vulnerable URL: http://www.edumedia-share.com/search.php?q=%3Ciframe%20src=https://openbugbounty.org%20width=1100px%20height=3400px%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 09:59 GMT Vulnerability type:| IFRAME Injection Vulnerability...

tusclasesparticulares.com IFRAME Injection vulnerability

Vulnerable URL: http://www.tusclasesparticulares.com/buscar/clasesparticulares.aspx?origin=top=%3Ccenter%3E%3Ciframe+src=https://openbugbounty.org+width=1100+height=4000px%3E Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 09:59 GMT Vulnerabili...

webstatsdomain.org IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-159933 Description| Value ---|--- Affected Website:| webstatsdomain.org Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...