Lucene search
K

5125 matches found

Openbugbounty
Openbugbounty
added 2017/10/06 7:21 a.m.14 views

adu.ch XSS vulnerability

Vulnerable URL: https://www.adu.ch/QTVR/iframe.php?fz=970%22%3E%3C/script%3E%3Cscript%3Ealert%22OPENBUGBOUNTY%22;%3C/script%3E%20%3C!-- Details: Description| Value ---|--- Patched:| No Latest check for patch:| 04.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...

6.3AI score
Exploits0
Exploit DB
Exploit DB
added 2017/10/03 12:0 a.m.46 views

Webkit (Chome < 61) - 'MHTML' Universal Cross-site Scripting

MIME-Version: 1.0 Content-Type: multipart/related; type="text/html"; boundary="----MultipartBoundary--" CVE-2017-5124 ------MultipartBoundary-- Content-Type: application/xml; ------MultipartBoundary-- Content-Type: text/html Content-Location: https://google.com alert'Location origin:...

6.1CVSS7.5AI score0.05245EPSS
Exploits5
UbuntuCve
UbuntuCve
added 2017/10/02 12:0 a.m.23 views

CVE-2017-7815

On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiproce...

5.3CVSS6.9AI score0.01161EPSS
Exploits1References3
OSV
OSV
added 2017/10/02 12:0 a.m.1 views

UBUNTU-CVE-2017-7815

On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiproce...

5.3CVSS7AI score0.01161EPSS
Exploits1References4
Mozilla
Mozilla
added 2017/09/28 12:0 a.m.539 views

Security vulnerabilities fixed in Firefox 56 — Mozilla

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake addre...

9.8CVSS10AI score0.03641EPSS
Exploits4References19Affected Software1
Openbugbounty
Openbugbounty
added 2017/09/26 8:39 p.m.17 views

cl.angel.wwx.tw IFRAME Injection vulnerability

Vulnerable URL: http://cl.angel.wwx.tw/debug/frm-s/openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/26 11:35 a.m.10 views

belediyehaberleri.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-314778 Description| Value ---|--- Affected Website:| belediyehaberleri.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
OSV
OSV
added 2017/09/26 6:29 a.m.4 views

CVE-2017-14744

UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element...

6.1CVSS5.8AI score0.00635EPSS
Exploits0References2
NVD
NVD
added 2017/09/26 6:29 a.m.18 views

CVE-2017-14744

UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element...

6.1CVSS6.1AI score0.00635EPSS
Exploits0References2
CVE
CVE
added 2017/09/26 6:0 a.m.60 views

CVE-2017-14744

UEditor 1.4.3.3 is vulnerable to cross-site scripting via the SRC attribute of an IFRAME element. The issue is documented across multiple sources (NVD, CNVD, Red Hat, CVE lists) and is consistently described as an XSS in Baidu/UEditor, with no explicit remediation or patch version provided in the...

6.1CVSS6AI score0.00635EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/09/26 6:0 a.m.21 views

CVE-2017-14744

UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element...

6.1AI score0.00635EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2017/09/26 12:10 a.m.13 views

blogsmexico.mx IFRAME Injection vulnerability

Vulnerable URL: https://blogsmexico.mx/blog/dulcecandy-com/post/iframe?url=https://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 9579381 VIP website...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/25 4:7 a.m.13 views

library.dha.gov.ae IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-311638 Description| Value ---|--- Affected Website:| library.dha.gov.ae Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/24 4:5 a.m.8 views

ny100.cn IFRAME Injection vulnerability

Vulnerable URL: http://www.ny100.cn/url/index.asp?url=https://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 23.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/24 2:57 a.m.21 views

outlink.pryc.eu IFRAME Injection vulnerability

Vulnerable URL: https://outlink.pryc.eu/webinsider/?url=openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 23.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| ...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/24 1:51 a.m.20 views

privatelink.de IFRAME Injection vulnerability

Vulnerable URL: http://privatelink.de/forward/?https%3A%2F%2Fopenbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 23.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 30692 VIP website status:| Yes Coordinate...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/22 12:31 p.m.13 views

unmig.sviluppoeconomico.gov.it IFRAME Injection vulnerability

Vulnerable URL: http://unmig.sviluppoeconomico.gov.it/dgsaie/ambiti/rqnome.asp?stringa=%3Ciframe%20src=https://www.openbugbounty.org%20%3C Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / No...

7.3AI score
Exploits0
Hacker One
Hacker One
added 2017/09/22 7:4 a.m.27 views

Legal Robot: Clickjacking in Legalrobot app

Dear Team, POC Please find attached screenshots Steps to reproduce: create index.html file with following content: Open index.html in browser Actual result: Legalrobot email verification page is viewed in iframe. Remediation: Frame busting technique is the better framing protection technique...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/19 9:9 p.m.7 views

abe.cl IFRAME Injection vulnerability

Vulnerable URL: http://www.abe.cl/ver.php?url=http://openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 18.12.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 8725552 VIP website status:| No Coordinated...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2017/08/24 6:45 a.m.3 views

Mozilla: Same-origin policy bypass with iframes through page reloads (MFSA 2017-19)

Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

7.5CVSS7.3AI score0.02376EPSS
Exploits1References5
Rows per page
Query Builder