233 matches found
CVE-2020-6465
Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
DEBIAN-CVE-2019-13692
Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...
CVE-2019-13692
Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...
UBUNTU-CVE-2019-13692
Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...
chromium-browser: SOP bypass
Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...
CVE-2019-13692
Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...
KLA11741 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Policy enforcement...
Mozilla and Google Browsers Get Security, Anti-Tracking Boosts
Browsers Firefox and Chrome received updates this week, both adding security and privacy tools that help with password management and help block sites that track users. Mozilla’s Firefox browser introduced an “Enhanced Tracking Protection” feature that blocks over 1,000 third-party companies that...
Information Disclosure
firefox is vulnerable to information disclosure attacks. The vulnerability exists as Reader Mode did not strip the username and password section of URLs displayed in the addressbar...
CVE-2018-12370
In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox 61...
Mozilla: address bar username and password spoofing in reader mode
When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...
Mozilla: address bar username and password spoofing in reader mode
When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...
CVE-2017-7762
When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...
CVE-2017-7762
When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...
CVE-2017-5463
Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerabili...
CVE-2017-5463
Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerabili...
Code injection
Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerabili...
CVE-2017-7762
When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...
CVE-2017-7762
Summary: CVE-2017-7762 is a vulnerability in Firefox where, when entering a URL directly, Reader Mode did not strip the username and password portion of the address bar, enabling domain spoofing. The issue affects Firefox versions earlier than 54. The available connected documents confirm the roo...
CVE-2017-5463
CVE-2017-5463 affects Firefox for Android prior to version 53.0. The issue arises when Android intents can launch Firefox in reader mode with a user-supplied URL, allowing spoofing of the address bar contents shown to users. Public details in the provided sources confirm the affected product (Fir...