5125 matches found
adu.ch XSS vulnerability
Vulnerable URL: https://www.adu.ch/QTVR/iframe.php?fz=970%22%3E%3C/script%3E%3Cscript%3Ealert%22OPENBUGBOUNTY%22;%3C/script%3E%20%3C!-- Details: Description| Value ---|--- Patched:| No Latest check for patch:| 04.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...
Webkit (Chome < 61) - 'MHTML' Universal Cross-site Scripting
MIME-Version: 1.0 Content-Type: multipart/related; type="text/html"; boundary="----MultipartBoundary--" CVE-2017-5124 ------MultipartBoundary-- Content-Type: application/xml; ------MultipartBoundary-- Content-Type: text/html Content-Location: https://google.com alert'Location origin:...
CVE-2017-7815
On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiproce...
UBUNTU-CVE-2017-7815
On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiproce...
Security vulnerabilities fixed in Firefox 56 — Mozilla
A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake addre...
cl.angel.wwx.tw IFRAME Injection vulnerability
Vulnerable URL: http://cl.angel.wwx.tw/debug/frm-s/openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...
belediyehaberleri.com IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-314778 Description| Value ---|--- Affected Website:| belediyehaberleri.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
CVE-2017-14744
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element...
CVE-2017-14744
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element...
CVE-2017-14744
UEditor 1.4.3.3 is vulnerable to cross-site scripting via the SRC attribute of an IFRAME element. The issue is documented across multiple sources (NVD, CNVD, Red Hat, CVE lists) and is consistently described as an XSS in Baidu/UEditor, with no explicit remediation or patch version provided in the...
CVE-2017-14744
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element...
blogsmexico.mx IFRAME Injection vulnerability
Vulnerable URL: https://blogsmexico.mx/blog/dulcecandy-com/post/iframe?url=https://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 9579381 VIP website...
library.dha.gov.ae IFRAME Injection vulnerability
Open Bug Bounty ID: OBB-311638 Description| Value ---|--- Affected Website:| library.dha.gov.ae Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...
ny100.cn IFRAME Injection vulnerability
Vulnerable URL: http://www.ny100.cn/url/index.asp?url=https://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 23.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...
outlink.pryc.eu IFRAME Injection vulnerability
Vulnerable URL: https://outlink.pryc.eu/webinsider/?url=openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 23.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| ...
privatelink.de IFRAME Injection vulnerability
Vulnerable URL: http://privatelink.de/forward/?https%3A%2F%2Fopenbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 23.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 30692 VIP website status:| Yes Coordinate...
unmig.sviluppoeconomico.gov.it IFRAME Injection vulnerability
Vulnerable URL: http://unmig.sviluppoeconomico.gov.it/dgsaie/ambiti/rqnome.asp?stringa=%3Ciframe%20src=https://www.openbugbounty.org%20%3C Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / No...
Legal Robot: Clickjacking in Legalrobot app
Dear Team, POC Please find attached screenshots Steps to reproduce: create index.html file with following content: Open index.html in browser Actual result: Legalrobot email verification page is viewed in iframe. Remediation: Frame busting technique is the better framing protection technique...
abe.cl IFRAME Injection vulnerability
Vulnerable URL: http://www.abe.cl/ver.php?url=http://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 8725552 VIP website status:| No Coordinated...
Mozilla: Same-origin policy bypass with iframes through page reloads (MFSA 2017-19)
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...