
5125 matches found

Hacker One
added 2017/12/15 2:29 p.m., 100 views

HackerOne: HTTP Parameter Pollution using semicolons in iframe element at hackerone.com/careers allows loading external Greenhouse forms

Summary: I noticed that the HackerOne careers page loads its application forms from Greenhouse.io via an iframe. The ghjid parameter value is taken into the iframe element for the token parameter in the iframe URL boards.greenhouse.io. Any HTML characters are escaped in order to avoid XSS and possib...

6.1 AI score
Exploits: 0

Openbugbounty
added 2017/12/14 11:49 a.m., 11 views

our.news IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-453421 Description| Value ---|--- Affected Website:| our.news Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/12/05 5:11 p.m., 14 views

gee.gov.pt IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-448869 Description| Value ---|--- Affected Website:| gee.gov.pt Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7 AI score
Exploits: 0

Openbugbounty
added 2017/11/27 12:39 p.m., 21 views

topsea.co.il IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-439881 Description| Value ---|--- Affected Website:| topsea.co.il Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/11/27 12:34 p.m., 11 views

multiplay.co.il IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-439875 Description| Value ---|--- Affected Website:| multiplay.co.il Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/11/27 11:43 a.m., 11 views

oddcast.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-439847 Description| Value ---|--- Affected Website:| oddcast.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/11/24 7:43 p.m., 16 views

consentido.com.mx IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-432100 Description| Value ---|--- Affected Website:| consentido.com.mx Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/11/24 7:40 p.m., 17 views

inprf-cd.gob.mx IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-432094 Description| Value ---|--- Affected Website:| inprf-cd.gob.mx Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/11/24 7:40 p.m., 15 views

archivo.unionpuebla.mx IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-432093 Description| Value ---|--- Affected Website:| archivo.unionpuebla.mx Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/11/24 7:39 p.m., 16 views

archivo.unionjalisco.mx IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-432091 Description| Value ---|--- Affected Website:| archivo.unionjalisco.mx Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/11/24 6:55 p.m., 12 views

webist.in IFRAME Injection vulnerability

Vulnerable URL: http://www.webist.in/livedemo.php?url=http://openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 3007438 VIP website status:| No Coordinated Disclosure Timeline:...

7.3 AI score
Exploits: 0

Openbugbounty
added 2017/11/24 6:11 a.m., 13 views

agenziaastolfiscuola.it IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-429679 Description| Value ---|--- Affected Website:| agenziaastolfiscuola.it Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7 AI score
Exploits: 0

Zero Day Initiative
added 2017/11/21 12:0 a.m., 36 views

Adobe Acrobat Pro DC iframe Same Origin Policy Bypass Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3 CVSS, 1.3 AI score, 0.06867 EPSS
Exploits: 0, References: 1

RedHat Linux
added 2017/11/17 3:33 p.m., 2 views

Mozilla: Cross-origin URL information leak through Resource Timing API (MFSA 2017-25)

The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. This vulnerability affects Firefox 57, Firefox ESR 52.5, and Thunderbird 52.5...

6.5 CVSS, 7.3 AI score, 0.02485 EPSS
Exploits: 0, References: 5

Openbugbounty
added 2017/11/16 5:26 p.m., 13 views

visitpa.com XSS vulnerability

Open Bug Bounty ID: OBB-418110 Description| Value ---|--- Affected Website:| visitpa.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

6.3 AI score
Exploits: 0

CNVD
added 2017/11/15 12:0 a.m., 1 views

Mozilla Firefox Cross-Origin URL Information Disclosure Vulnerability

Mozilla Firefox is a free, open source browser for Windows, Linux and MacOSX platforms. A cross-origin URL information disclosure vulnerability exists in Mozilla Firefox versions prior to 57.0. The vulnerability arises because the Resource Timing API incorrectly discloses navigati...

6.5 CVSS, 6 AI score, 0.02485 EPSS
Exploits: 0, References: 1

Openbugbounty
added 2017/11/14 3:9 a.m., 11 views

m.tongcoupon.kr IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-413709 Description| Value ---|--- Affected Website:| m.tongcoupon.kr Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4 AI score
Exploits: 0

Openbugbounty
added 2017/11/13 3:41 p.m., 14 views

escandinxavo.tk IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-413486 Description| Value ---|--- Affected Website:| escandinxavo.tk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7 AI score
Exploits: 0

Openbugbounty
added 2017/11/09 4:26 a.m., 23 views

portal.scan-ict.nl IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-401804 Description| Value ---|--- Affected Website:| portal.scan-ict.nl Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...

6.3 AI score
Exploits: 0

Openbugbounty
added 2017/11/09 4:5 a.m., 10 views

bio.agriconnect.nl IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-401778 Description| Value ---|--- Affected Website:| bio.agriconnect.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.6 AI score
Exploits: 0