64 matches found
Design/Logic Flaw
Das Q before 2019-08-02 allows web sites to execute arbitrary code on client machines, as demonstrated by a cross-origin /install request with an attacker-controlled releaseUrl, which triggers download and execution of code within a ZIP archive...
CVE-2019-14551
Das Q before 2019-08-02 allows web sites to execute arbitrary code on client machines, as demonstrated by a cross-origin /install request with an attacker-controlled releaseUrl, which triggers download and execution of code within a ZIP archive...
CVE-2019-14551
Technical details (affected product, versions, root cause, exploit specifics) are not publicly provided in the connected documents; monitor for updates.
Automattic: Denial of service to WP-JSON API by cache poisoning the CORS allow origin header
The WP-JSON implementation on some wordpress.com websites I've tested is vulnerable to denial of service where by an attacker can provide an arbitrary Origin header in the request, which is then echoed back in the response via the Access-Control-Allow-Origin header, which is cached and served to...
HackerOne: Lack of cross-origin request blocking allows leaking of sensitive information on several endpoints
Summary: It is possible to make users leak sensitive information on several endpoints by measuring the time certain requests take to be cached. Description: If a request is made to https://hackerone.com/github/weaknesses and the user is logged in, the size of the response will be around 9kb becau...
Dell SonicWALL Global Management System (GMS) 8.1 Adobe Flex SOP Bypass
Summary Provide your organization, distributed enterprise or managed service offering with an intuitive, powerful way to rapidly deploy and centrally manage SonicWall solutions, with SonicWall GMS. Get more value from your firewall, secure remote access, anti-spam, and backup and recovery solutio...
Dell SonicWALL Global Management System GMS 8.1 Adobe Flex SOP Bypass Vulnerability
Dell SonicWALL GMS versions 8.1 and below are compiled with a vulnerable version of Adobe Flex SDK allowing for same-origin request forgery and cross-site content hijacking i? Dell SonicWALL Global Management System GMS 8.1 Adobe Flex SOP Bypass Vendor: Dell Inc. Product web page:...
Dell SonicWALL Global Management System (GMS) 8.1 Adobe Flex SOP Bypass
Summary Provide your organization, distributed enterprise or managed service offering with an intuitive, powerful way to rapidly deploy and centrally manage SonicWall solutions, with SonicWall GMS. Get more value from your firewall, secure remote access, anti-spam, and backup and recovery solutio...
Ruby on Rails jquery-ujs和jquery-rails安全绕过漏洞
Impact In the scenario where an attacker might be able to control the href attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the href or action to " https://attacker.com" note the leading space that will be passed to JQuery, who...
Mozilla Firefox and Firefox ESR Same Origin Policy Bypass Vulnerability
Mozilla Firefox is an open source web browser.Firefox ESR is an extended support version of Firefox. Mozilla Firefox incorrectly uses the CORS cross-origin request algorithm of the POST method to handle the server-side Content-Type header, and a remote attacker can exploit the vulnerability to...
CVE-2015-7193
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly follow the CORS cross-origin request algorithm for the POST method in situations involving an unspecified Content-Type header manipulation, which allows remote attackers to bypass the Same Origin Policy by leveraging the lack...
CVE-2015-6762
The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets CSS implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows...
CVE-2015-6762
CVE-2015-6762 affects Chromium/Google Chrome engines prior to 46.0.2490.71. The vulnerability lies in the CSSFontFaceSrcValue::fetch path in Blink’s CSS font loading, where the CORS cross-origin request algorithm is not used for fonts with seemingly same-origin URLs, allowing a remote server to b...
UBUNTU-CVE-2015-6762
The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets CSS implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows...
CVE-2015-3752
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive...
Cross site request forgery (csrf)
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive...
CVE-2015-3752
The CVE-2015-3752 issue affects WebKit’s Content Security Policy handling in Safari (and underlying WebKit in iOS) prior to specific updates. The root cause is improper restriction of cookie transmission for CSP report requests, enabling potential leakage of cookies via cross-origin requests or p...
CVE-2015-3752
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive...
CVE-2015-3752
The Content Security Policy implementation in WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly restrict cookie transmission for report requests, which allows remote attackers to obtain sensitive...
CSRF Vulnerability in jquery-rails
In the scenario where an attacker might be able to control the href attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the href or action to " https://attacker.com" note the leading space that will be passed to JQuery, who will s...