116 matches found
SUSE CVE-2018-12382
The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of view to the right. This can lead to user confusion. This vulnerability only affects Firefox for...
UBUNTU-CVE-2021-46872
An issue was discovered in Nim before 1.6.2. The RST module of the Nim language stdlib, as used in NimForum and other products, permits the javascript: URI scheme and thus can lead to XSS in some applications. Nim versions 1.6.2 and later are fixed; there may be backports of the fix to some earli...
PT-2023-12595 · Nim +2 · Nim +2
Name of the Vulnerable Software and Affected Versions: Nim versions prior to 1.6.2 NimForum versions prior to 2.2.0 Description: An issue in the RST module of the Nim language stdlib allows the javascript: URI scheme, potentially leading to XSS in some applications. Recommendations: For Nim...
Shopify: URL Scheme Validation Bypass in Shopify Mobile App Allows Javascript Execution
A vulnerability in the Shopify mobile application allowed bypassing URL scheme validation in the NavigationActivity component. Attackers could craft malicious URLs using data: or javascript: schemes to execute JavaScript code within the app's webview context...
Cross-site Scripting via link creation bypass filter javascript scheme
Description The markdown's link creation feature allows inserting paths containing javascript scheme bypass filter javascript scheme via add https scheme prefix, so this flaw lead to XSS vulnerability. The payload used is the following: Proof of Concept Step to reproduct 1. Create new document 2...
Mozilla: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI
The Mozilla Foundation Security Advisory describes this flaw as: An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The issafeurl function in utils/http.py in Django 1.4.x before 1.4.6, 1.5.x before 1.5.2, and 1.6 before beta 2 treats a URL's scheme as safe even if it is not HTTP or HTTPS, which might introduce cross-site scripting XSS or other vulnerabilities into Django applications that use this function, a...
MarkText Cross-Site Scripting Vulnerability
MarkText is a simple and elegant Markdown editor with a focus on speed and usability.A cross-site scripting vulnerability exists in versions of MarkText prior to 0.17.0, which stems from improper handling of links using javascript:scheme in documents. A remote attacker could exploit this...
Cross-site Scripting (XSS) - Stored in chaskiq/chaskiq
Description When creating a link using the editor function, the Stored XSS vulnerability occurs because a javascript scheme can be used. Proof of Concept txt 1. Go to campaigns - Mailing Campaigns - Editor 2. Enter the URL: javascript:alertdocument.domain 3. After, Click the URL Video :...
Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore
Description The Stored XSS vulnerability occurs because the menu editing function can insert a JavaScript Scheme as the value of the menu's HREF. Proof of Concept txt 1. Go to Content - Menu - Edit 2. Enter javascript:alertdocument.domain as the URL value using the Add or Edit menu function. 3...
XSS in `comrak`
comrak operates by default in a "safe" mode of operation where unsafe content, such as arbitrary raw HTML or URLs with non-standard schemes, are not permitted in the output. This is per the reference GFM implementation, cmark-gfm. Ampersands were not being correctly escaped in link targets, makin...
Mozilla Rust 跨站脚本漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A cross-site scripting vulnerability exists in Rust in versions prior to comrak crate 0.9.1, which stems from the fact that the protection mechanism for data: and javascript: URIs is case-sensitive. No details o...
PT-2020-15435 · Jenkins · Jenkins Link Column Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Link Column Plugin versions 1.0 and earlier Description: The issue concerns a stored cross-site scripting vulnerability. It allows users with View/Configure permission to create links that can execute JavaScript code due to the lack o...
UBUNTU-CVE-2019-14809
net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname nor Port, and is related to a non-numeric port number. For example, an...
CVE-2019-10374
A stored cross-site scripting vulnerability in Jenkins PegDown Formatter Plugin 1.3 and earlier allows attackers able to edit descriptions and other fields rendered using the configured markup formatter to insert links with the javascript scheme into the Jenkins UI...
CVE-2019-10374
A stored cross-site scripting vulnerability in Jenkins PegDown Formatter Plugin 1.3 and earlier allows attackers able to edit descriptions and other fields rendered using the configured markup formatter to insert links with the javascript scheme into the Jenkins UI...
Cross site scripting
A stored cross-site scripting vulnerability in Jenkins PegDown Formatter Plugin 1.3 and earlier allows attackers able to edit descriptions and other fields rendered using the configured markup formatter to insert links with the javascript scheme into the Jenkins UI...
Cross-Site Scripting in Link Handling
It has been discovered that the t3:// URL handling is vulnerable to cross-site scripting when making use of javascript: or data: scheme in link fields like the following...
GHSA-36M4-6V6M-4VPR Cross-site Scripting in remarkable
In remarkable 1.7.1, lib/parserinline.js mishandles URL filtering, which allows attackers to trigger XSS via unprintable characters, as demonstrated by a \x0ejavascript: URL...
CVE-2017-5118
Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, failed to correctly propagate CSP restrictions to javascript scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page...