245 matches found
GHSA-R23G-3QW4-GFH2 RedCloth Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI...
Moderate severity vulnerability that affects validator
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a crafted javascript URI...
CVE-2013-7452
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a crafted javascript URI...
UBUNTU-CVE-2013-7452
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a crafted javascript URI...
Cross site scripting
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a crafted javascript URI...
CVE-2013-7452
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a crafted javascript URI...
CVE-2013-7452
Removed by vendor...
Airmail 3.0.2 Cross Site Scripting
Airmail is a popular email client on iOS and OS X. I found a vulnerability in airmail of the latest version which could cause a file:// xss and arbitrary file read. Author: redrain, [email protected] Date: 2016-08-15 Version: 3.0.2 and earlier Platform: OS X and iOS Site: http://airmailapp.com/...
Airmail 3.0.2 - Cross-Site Scripting
Exploit for macOS platform in category web applications Airmail is a popular email client on iOS and OS X. I found a vulnerability in airmail of the latest version which could cause a file:// xss and arbitrary file read. Author: redrain, email protected Date: 2016-08-15 Version: 3.0.2 and earlier...
Disucz X3.2 多处反射型XSS漏洞(函数缺陷导致)
简要描述: 某函数缺陷导致的 XSS。 详细说明: member.php?mod=logging&action=login&referer=javascript://www.discuz.net/ 欢迎您回来,Newbie xx,现在将转入登录前页面setTimeout"window.location.href ='javascript://www.discuz.net/';", 2000;setTimeout"window.location.href ='javascript://www.discuz.net/';", 2000; 如果您的浏览器没有自动跳转,请点击此链接...
CVE-2012-6684
Cross-site scripting XSS vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI...
DEBIAN-CVE-2012-6684
Cross-site scripting XSS vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI...
Cross site scripting
Cross-site scripting XSS vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI...
UBUNTU-CVE-2012-6684
Cross-site scripting XSS vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI...
CVE-2012-6684
Cross-site scripting XSS vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI...
Microsoft Outlook 2002 Mailto Parameter Quoting Zone Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9827/info Microsoft Outlook is prone to a vulnerability that may permit execution of arbitrary code on client systems. This issue is exposed through Outlook, but will reportedly cause Internet Explorer to load malicious...
Microsoft Internet Explorer 7/8 HTML Attribute JavaScript URI Security Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35455/info Microsoft Internet Explorer is prone to a security-bypass vulnerability because it fails to properly enforce restrictions on script behavior. An attacker may exploit this issue to bypass restrictions on the...
Adobe Acrobat 11.0.4 Crafted PDF File Handling JavaScript Scheme URI Execution (APSB13-25)
The version of Adobe Acrobat installed on the remote host is 11.0.4. It is, therefore, affected by a flaw in the handling of specially crafted PDF files. This can allow an attacker to launch JavaScript URI schemes. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid70342...
Firefox < 23.0 Multiple Vulnerabilities (Mac OS X)
The installed version of Firefox is earlier than 23.0 and is, therefore, potentially affected by multiple vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701, CVE-2013-1702 - Use-after-free errors exist related to DOM modification when using...
Firefox < 23.0 Multiple Vulnerabilities
The installed version of Firefox is earlier than 23.0 and is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701, CVE-2013-1702 - Use-after-free errors exist related to DOM modification when using...