
Github Security Blog
added 2018/10/18 5:22 p.m., 34 views

OWASP AntiSamy Cross-site Scripting vulnerability

OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstrated by use of to construct a javascript: URL...

CVSS 6.1, AI score 3.3, EPSS 0.01664
Exploits: 0, References: 10, Affected Software: 1

OSV
added 2018/08/28 7:29 p.m., 1 views

CVE-2017-15427

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar...

CVSS 6.1, AI score 7.3, EPSS 0.00856
Exploits: 0, References: 5

UbuntuCve
added 2018/08/28 7:29 p.m., 31 views

CVE-2017-15427

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar...

CVSS 6.1, AI score 6.9, EPSS 0.00856
Exploits: 0, References: 1

Prion
added 2018/08/28 7:29 p.m., 18 views

Design/Logic Flaw

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar...

CVSS 4.3, AI score 6.2, EPSS 0.00856
Exploits: 0, References: 5, Affected Software: 5

NVD
added 2018/06/11 9:29 p.m., 14 views

CVE-2017-5458

When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox 53...

CVSS 6.1, AI score 5.5, EPSS 0.01425
Exploits: 1, References: 4

Prion
added 2018/06/11 9:29 p.m., 20 views

Cross site scripting

URLs using "javascript:" have the protocol removed when pasted into the addressbar to protect users from cross-site scripting XSS attacks, but if a tab character is embedded in the "javascript:" URL the protocol is not removed and the script will execute. This could allow users to be socially...

CVSS 4.3, AI score 6.2, EPSS 0.00938
Exploits: 0, References: 5, Affected Software: 2

Prion
added 2018/06/11 9:29 p.m., 16 views

Spoofing

When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox 53...

CVSS 4.3, AI score 6.7, EPSS 0.01425
Exploits: 1, References: 4, Affected Software: 1

CVE
added 2018/06/11 9:0 p.m., 117 views

CVE-2017-5420

CVE-2017-5420 affects Mozilla Firefox prior to version 52.0 (and Firefox ESR up to 45.x); a javascript: URL loaded by a malicious page can obfuscate the address bar, enabling spoofing of an existing page while the malicious page’s address is not shown. The issue is documented as a content spoofin...

CVSS 6.5, AI score 6.8, EPSS 0.01294
Exploits: 1, References: 4, Affected Software: 1

CVE
added 2018/06/11 9:0 p.m., 109 views

CVE-2017-5458

CVE-2017-5458 describes a reflected XSS in Firefox where dragging a javascript: URL into the address bar can be executed by the victim. The vulnerability affects Firefox versions prior to 53; the issue arises from insufficient validation of javascript: URLs in the address bar during drag-and-drop...

CVSS 6.1, AI score 6.7, EPSS 0.01425
Exploits: 1, References: 4, Affected Software: 1

Debian CVE
added 2018/06/11 9:0 p.m., 15 views

CVE-2017-5420

A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability affects Firefox 52...

CVSS 6.5, AI score 8.1, EPSS 0.01294
Exploits: 1

Debian CVE
added 2018/06/11 9:0 p.m., 18 views

CVE-2017-5458

When a "javascript:" URL is drag and dropped by a user into the addressbar, the URL will be processed and executed. This allows for users to be socially engineered to execute an XSS attack on themselves. This vulnerability affects Firefox 53...

CVSS 6.1, AI score 8, EPSS 0.01425
Exploits: 1

Hacker One
added 2018/06/03 10:3 a.m., 18 views

Semmle: DOMXSS in redirect param

Summary The redirect param can consist of a javascript: url, which results in XSS. If a victim visits a malicious URL and logs in, the attacker can perform actions on behalf of the victim. Steps to reproduce 1 Logout 2 Visit...

AI score 1
Exploits: 0

OSV
added 2018/05/31 8:29 p.m., 0 views

DEBIAN-CVE-2016-10531

marked is an application that is meant to parse and compile markdown. Due to the way that marked 0.3.5 and earlier parses input, specifically HTML entities, it's possible to bypass marked's content injection protection sanitize: true to inject a javascript: URL. This flaw exists because...

CVSS 6.1, AI score 7, EPSS 0.01463
Exploits: 1, References: 1

OSV
added 2018/05/31 8:29 p.m., 0 views

UBUNTU-CVE-2016-10531

marked is an application that is meant to parse and compile markdown. Due to the way that marked 0.3.5 and earlier parses input, specifically HTML entities, it's possible to bypass marked's content injection protection sanitize: true to inject a javascript: URL. This flaw exists because...

CVSS 6.1, AI score 6.7, EPSS 0.01463
Exploits: 1, References: 5

UbuntuCve
added 2018/05/31 8:29 p.m., 26 views

CVE-2016-10531

marked is an application that is meant to parse and compile markdown. Due to the way that marked 0.3.5 and earlier parses input, specifically HTML entities, it's possible to bypass marked's content injection protection sanitize: true to inject a javascript: URL. This flaw exists because...

CVSS 6.1, AI score 6.7, EPSS 0.01463
Exploits: 1, References: 4

Cvelist
added 2018/05/31 8:0 p.m., 28 views

CVE-2016-10531

marked is an application that is meant to parse and compile markdown. Due to the way that marked 0.3.5 and earlier parses input, specifically HTML entities, it's possible to bypass marked's content injection protection sanitize: true to inject a javascript: URL. This flaw exists because...

AI score 6.2, EPSS 0.01463
Exploits: 1, References: 3

Debian CVE
added 2018/05/31 8:0 p.m., 21 views

CVE-2016-10531

marked is an application that is meant to parse and compile markdown. Due to the way that marked 0.3.5 and earlier parses input, specifically HTML entities, it's possible to bypass marked's content injection protection sanitize: true to inject a javascript: URL. This flaw exists because...

CVSS 6.1, AI score 6.5, EPSS 0.01463
Exploits: 1

OSV
added 2018/03/14 12:0 a.m., 1 views

UBUNTU-CVE-2018-5143

URLs using "javascript:" have the protocol removed when pasted into the addressbar to protect users from cross-site scripting XSS attacks, but if a tab character is embedded in the "javascript:" URL the protocol is not removed and the script will execute. This could allow users to be socially...

CVSS 6.1, AI score 6.8, EPSS 0.00938
Exploits: 0, References: 4

FreeBSD
added 2018/03/13 12:0 a.m., 33 views

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList CVE-2018-5128: Use-after-free manipulating editor selection ranges CVE-2018-5129: Out-of-bounds write with malformed IPC messages CVE-2018-5130: Mismatched RTP payload type can trigger memory corruptio...

CVSS 9.8, AI score 9.2, EPSS 0.08024
Exploits: 2, References: 2

OSV
added 2018/02/07 11:29 p.m., 1 views

CVE-2017-15387

Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page...

CVSS 8.8, AI score 7.3, EPSS 0.01406
Exploits: 0, References: 6