Cookie protection bypass in Mozilla

It's possible to obtain cookie by spoofing valid hostname in javascript: URL. For example f.location = "javascript://www.google.com/n"+ "'body onload=alertdocument.cookie'";...

CVE-2002-0346

Cross-site scripting vulnerability in Cobalt RAQ 4 allows remote attackers to execute arbitrary script as other Cobalt users via Javascript in a URL to 1 service.cgi or 2 alert.cgi...

Crossite scripting in Opera

javascript: URL is executed in context of previously loaded page...

CVE-2000-0958

HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window...

Microsoft Windows Media Player 7.0 - JavaScript URL

Microsoft Windows Media Player 7.0 - JavaScript URL source: https://www.securityfocus.com/bid/2167/info Windows Media Player is an application used for digital audio, and video content viewing. It can be embedded in webpages as an ActiveX control. It is possible to execute a javascript URL from...

Проблема в Internet Explorer (HTTP-redirect)

Internet Explorer выпадает при получении редирект на URL типа javascript:...

CVE-2000-0958

HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window...

CVE-1999-0347

Affected software: Internet Explorer 4.01. Type of issue: remote read of local files and ability to spoof web pages via a "%01" character in an about: JavaScript URL, which makes IE use the domain specified after the character. Underlying cause: parsing/URL handling in about: URLs allows domain o...