Design/Logic Flaw

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed 1 in an IFRAME element or 2 with the XMLHttpRequest...

CVE-2014-1881

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted library clone that leverages IFRAME script execution and waits a certain amount of time for an OnJsPrompt handler...

CVE-2014-1881

CVE-2014-1881 affects Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier. The vulnerability arises in an event-based bridge technique where a crafted library clone can trigger IFRAME script execution and waits for an OnJsPrompt handler return value to bypass intended device-res...

CVE-2014-1883

Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the proper shouldInterceptRequest callback, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed 1 in an IFRAME element or 2 with the XMLHttpRequest...

CVE-2014-1882

Affected software: Apache Cordova 3.3.0 and earlier; Adobe PhoneGap 2.9.0 and earlier. Root cause: An event-based bridge can be bypassed via a crafted library clone that uses IFRAME script execution to directly access bridge JavaScript objects, demonstrated by cordova.require calls. Impact: Remot...

Konqueror FTP IFrame Null Pointer Dereference Denial of Service - Ver2 (CVE-2007-1308)

A denial-of-service vulnerability has been reported in KDE Konqueror 3.5.5. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

Apple Safari for Windows IFRAME SRC Shell Metacharacter Command Execution - Ver2 (CVE-2007-3186)

A command execution vulnerability has been reported in Apple Safari. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVE-2014-2242

includes/upload/UploadBase.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x before 1.21.6, and 1.22.x before 1.22.3 does not prevent use of invalid namespaces in SVG files, which allows remote attackers to conduct cross-site scripting XSS attacks via an SVG upload, as demonstrated by use of a W...

CVE-2014-2242

includes/upload/UploadBase.php in MediaWiki before 1.19.12, 1.20.x and 1.21.x before 1.21.6, and 1.22.x before 1.22.3 does not prevent use of invalid namespaces in SVG files, which allows remote attackers to conduct cross-site scripting XSS attacks via an SVG upload, as demonstrated by use of a W...

Google Chrome XSSAuditor Filter Security Policy Bypass

A policy bypass vulnerability exists in Google Chrome. The vulnerability is due a design weakness in Chrome XSSAuditor. By inserting JavaScript in the srcdoc attribute of an IFRAME tag, the Cross-Site Scripting filter can be bypassed. An attacker can exploit this weakness to further facilitate...

SeaMonkey Multiple XSS Vulnerabilities (Feb 2014) - Windows

SeaMonkey is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Mozilla Thunderbird Multiple XSS Vulnerabilities (Feb 2014) - Windows

Mozilla Thunderbird is prone to multiple cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Cross site scripting

Cross-site scripting XSS vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in an IFRAME element, a...

CVE-2013-6674

Cross-site scripting XSS vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in an IFRAME element, a...

CVE-2013-6674

CVE-2013-6674 is an XSS vulnerability in Mozilla Thunderbird 17.x up to 17.0.8, Thunderbird ESR 17.x up to 17.0.10, and SeaMonkey before 2.20. The issue is triggered by an email containing a data: URL inside an IFRAME, allowing a user‑assisted remote attacker to inject arbitrary web script/HTML. ...

Design/Logic Flaw

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint...

CVE-2014-1483

Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint...

PNG Image Metadata Found Leveraging iFrame Injections

Researchers have discovered a relatively new way to distribute malware that relies on reading JavaScript code stored in an obfuscated PNG file’s metadata to trigger iFrame injections. The technique makes it highly unlikely a virus scanner would catch it because the injection method is so deeply...

Modern Browser XSS Filter Evasion

Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the "injected" code normally, JavaScript or HTML is not executed inside victim's browser. Chrome calls this filter...

XSS Filter Bypass Bug Found in Chrome and Safari

There is a bug in the anti-cross site scripting filter in Chrome and Safari that enables an attacker to bypass the filter in some cases and use an XSS flaw on a given site to compromise visitors’s machines. The vulnerability is fairly simple to exploit and a researcher has posted proof-of-concept...