Lucene search
K

5125 matches found

RedHat Linux
RedHat Linux
added 2017/08/24 6:45 a.m.5 views

Mozilla: Spoofing following page navigation with data: protocol and modal alerts (MFSA 2017-19)

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox ...

5.3CVSS7.4AI score0.01837EPSS
Exploits1References5
0day.today
0day.today
added 2017/08/23 12:0 a.m.36 views

WebClientPrint Processor 2.0.15.109 Updates Remote Code Execution Vulnerability

RedTeam Pentesting discovered that rogue updates trigger a remote code execution vulnerability in WebClientPrint Processor WCPP. These updates may be distributed through specially crafted websites and are processed without any user interaction as soon as the website is accessed. However, the...

0.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/16 5:35 p.m.16 views

startxchange.com IFRAME Injection vulnerability

Vulnerable URL: http://startxchange.com/frame.php?url=https://www.openbugbounty.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 14.11.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 210170 VIP website status:| No Chec...

7.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2017/08/10 11:20 p.m.2 views

Mozilla: Same-origin policy bypass with iframes through page reloads (MFSA 2017-19)

Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

7.5CVSS7.3AI score0.02376EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2017/08/10 11:20 p.m.5 views

Mozilla: Spoofing following page navigation with data: protocol and modal alerts (MFSA 2017-19)

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox ...

5.3CVSS7.4AI score0.01837EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2017/08/10 12:0 a.m.29 views

CVE-2017-7791

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox ...

5.3CVSS6.8AI score0.01837EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2017/08/10 12:0 a.m.28 views

CVE-2017-7788

When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's Content Security Policy CSP as it should unless the sandbox attribute included "allow-same-origin". This vulnerability affects Firefox 55...

9.8CVSS6.8AI score0.02336EPSS
Exploits1References2
OSV
OSV
added 2017/08/10 12:0 a.m.2 views

UBUNTU-CVE-2017-7791

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox ...

5.3CVSS6.8AI score0.01837EPSS
Exploits1References4
OSV
OSV
added 2017/08/10 12:0 a.m.2 views

UBUNTU-CVE-2017-7788

When an "iframe" has a "sandbox" attribute and its content is specified using "srcdoc", that content does not inherit the containing page's Content Security Policy CSP as it should unless the sandbox attribute included "allow-same-origin". This vulnerability affects Firefox 55...

9.8CVSS6.8AI score0.02336EPSS
Exploits1References3
Openbugbounty
Openbugbounty
added 2017/08/09 9:31 a.m.17 views

rojgaronline.com IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-277458 Description| Value ---|--- Affected Website:| rojgaronline.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2017/08/09 1:48 a.m.28 views

CVE-2017-7791

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox ...

5.3CVSS3.3AI score0.01837EPSS
Exploits1References2
Openbugbounty
Openbugbounty
added 2017/08/08 9:41 a.m.12 views

wittbirn.k12.wi.us IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-276475 Description| Value ---|--- Affected Website:| wittbirn.k12.wi.us Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/08 9:26 a.m.11 views

littlefriends.co.uk IFRAME Injection vulnerability

Open Bug Bounty ID: OBB-276473 Description| Value ---|--- Affected Website:| littlefriends.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Iframe Injection / CWE-79 CVSSv3 Score:| 6.1...

6.7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/08 5:20 a.m.12 views

mangatown.com IFRAME Injection vulnerability

Vulnerable URL: http://www.mangatown.com/search.php?name= XANY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 06.11.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 3933 VIP website status:| Yes Check mangatown.com SSL...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/06 6:40 a.m.9 views

education.ohio.gov IFRAME Injection vulnerability

Vulnerable URL: https://education.ohio.gov/Miscellaneous/Newsletter-Search?pagetitle=" Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/05 4:57 p.m.12 views

webworldcam.com IFRAME Injection vulnerability

Vulnerable URL: http://www.webworldcam.com/webcam-index.php?var=12620=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| Yes, at 27.11.2017 Latest check for patch:| 27.11.2017 21:37 GMT Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/05 9:17 a.m.11 views

ragnarok2.com.br IFRAME Injection vulnerability

Vulnerable URL: http://ragnarok2.com.br/index.php?s=https://www.openbugbounty.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 12.09.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 15147941 VIP website status:| No Check...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/04 9:46 p.m.11 views

upf.edu IFRAME Injection vulnerability

Vulnerable URL: https://www.upf.edu/web/grau-obert/?ppid=3pstate=maximizedpmode=view&3strutsaction=/search/search&3keywords='"--! XANY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 02.11.2017 Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclos...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/04 9:34 p.m.11 views

peekyou.com IFRAME Injection vulnerability

Vulnerable URL: http://www.peekyou.com/boayue?url=" xany Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 11736 VIP website status:| Yes Check peekyou.com SSL connection:| Grade: A- Coordinated...

7.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/08/04 2:4 a.m.11 views

docsity.com IFRAME Injection vulnerability

Vulnerable URL: https://www.docsity.com/it/search/?q=" XANY Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 21699 VIP website status:| Yes Coordinated Disclosure Timeline: Description| Value ---|---...

7.3AI score
Exploits0
Rows per page
Query Builder