Mozilla: Missing throttling on external protocol launch dialog

The Mozilla Foundation Security Advisory describes this flaw as: Malicious websites could have tricked users into accepting launching a program to handle an external URL protocol...

CVE-2008-5043

Multiple cross-site scripting XSS vulnerabilities in the web-based interface in IBM Metrica Service Assurance Framework allow remote authenticated users to inject arbitrary web script or HTML via 1 the elementid parameter in a generatedreportresults action to the ReportTree program, 2 the jnlpnam...