Mozilla: Sandboxed iframes were able to bypass sandbox restrictions to open a new window

The Mozilla Foundation Security Advisory describes this flaw as: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window...

Mozilla: Sandboxed iframes were able to bypass sandbox restrictions to open a new window

The Mozilla Foundation Security Advisory describes this flaw as: By tricking the browser with a X-Frame-Options header, a sandboxed iframe could have presented a button that, if clicked by a user, would bypass restrictions to open a new window...

QRadar Community Edition 7.3.1.6 Cross Site Scripting

------------------------------------------------------------------------ Reflected Cross-Site Scripting in QRadar Forensics link analysis page ------------------------------------------------------------------------ Yorick Koster, September 2019...

UBUNTU-CVE-2019-3850

A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4.8 and 3.1.17. Links within assignment submission comments would open directly in the same window. Although links themselves may be valid, opening within the same window and without the no-referrer header policy made them more...