2 matches found
Mozilla -- insufficient character escaping
[email protected] reports: Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system...
PT-2011-18: Cross-Site Scripting in Arbor Peakflow X
The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in Arbor Peakflow X. XSS-vulnerable parameters are found on several web pages. The following parameters are vulnerable due to insufficient character escaping: a. /explore/entityinfo/ modestate...