7 matches found
Xenforo 信息泄露漏洞
Xenforo is a forum software developed by the Xenforo company. Versions of XenForo prior to 2.3.7 had a vulnerability related to information leakage, which originated from caching of local account pages on shared systems. This vulnerability could potentially lead to sensitive user information bein...
CVE-2022-43841
IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078...
SUSE CVE-2017-5033
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline...
IBM Jazz Team Server 安全漏洞
IBM Jazz Team Server is an application server from IBM Corporation of America. IBM Jazz Team Server provides base services that enable a group of tools to work together as a single logical server, and includes any number of Jazz Team Server Extensions that provide tool-specific functionality.An...
Privilege Escalation
Mozilla Firefox is vulnerable to privilege escalation. The vulnerability exists in an unknown functionality of the component WebExtension. An attacker could run content scripts in local pages without permission warnings when a local file is opened resulting in a privilege escalation...
DEBIAN-CVE-2018-12397
A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This...
Mozilla: WebExtension local file permission check bypass
A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. This allows extensions to run content scripts in local pages without permission warnings when a local file is opened. This...