2 matches found
chromium-browser: URL spoof in Omnibox
Missing confusable characters in Internationalization in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...
rubygem-actionpack: i18n missing translation XSS
It was discovered that the internationalization component of Ruby on Rails could, under certain circumstances, return a fallback HTML string that contained user input. A remote attacker could possibly use this flaw to perform a reflective cross-site scripting XSS attack by providing a specially...