Lucene search
K

233 matches found

NVD
NVD
added 2023/10/25 6:17 p.m.17 views

CVE-2023-5758

When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting XSS attack. This vulnerability affects Firefox for iOS 119...

6.1CVSS5.5AI score0.00429EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.4 views

PT-2023-6526 · Mozilla · Firefox

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 119 Description: The issue is related to the reader mode in Firefox, where the structure of a web page is not properly protected, allowing for potential exploitation. This could lead to a reflected Cross-Site...

6.1CVSS5.8AI score0.00429EPSS
Exploits0References9
Mozilla
Mozilla
added 2023/10/24 12:0 a.m.27 views

Security Vulnerabilities fixed in Firefox for iOS 119 — Mozilla

When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting XSS attack...

6.1CVSS6.1AI score0.00429EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Reader Mode - Distraction-Free Content Reader Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Reader Mode - Distraction-Free Content Reader Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5a7281cdb812 Credits Rafi...

6.4AI score0.00284EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.3 views

SUSE CVE-2012-3987

Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site...

4CVSS6.7AI score0.01451EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:22 a.m.4 views

SUSE CVE-2015-0798

The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origi...

5CVSS8.9AI score0.02235EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.1 views

SUSE CVE-2015-4508

Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site...

2.6CVSS8.4AI score0.02246EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:47 a.m.1 views

SUSE CVE-2017-7762

When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...

7.5CVSS8.7AI score0.01945EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:10 a.m.1 views

SUSE CVE-2019-13692

Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...

8.8CVSS7.5AI score0.00724EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:2 a.m.1 views

SUSE CVE-2020-6465

Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS8.3AI score0.0159EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.3 views

SUSE CVE-2021-21163

Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server...

6.5CVSS6.8AI score0.0094EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:42 a.m.2 views

SUSE CVE-2021-30518

Heap buffer overflow in Reader Mode in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9AI score0.01343EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:36 a.m.2 views

SUSE CVE-2021-45087

XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...

6.1CVSS5.9AI score0.01485EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.2 views

SUSE CVE-2022-0453

Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.5AI score0.00745EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:26 a.m.3 views

SUSE CVE-2022-29912

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

6.1CVSS8.8AI score0.00644EPSS
Exploits1References9
OSV
OSV
added 2022/12/22 8:15 p.m.7 views

CVE-2022-29912

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

6.1CVSS8.9AI score
Exploits0References4
OSV
OSV
added 2022/12/22 8:15 p.m.1 views

DEBIAN-CVE-2022-29912

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

6.1CVSS6.7AI score0.00644EPSS
Exploits1References1
Prion
Prion
added 2022/12/22 8:15 p.m.16 views

Design/Logic Flaw

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

5.8CVSS6.8AI score0.00644EPSS
Exploits1References4Affected Software3
Debian CVE
Debian CVE
added 2022/12/22 12:0 a.m.38 views

CVE-2022-29912

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

6.1CVSS8.4AI score0.00644EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2022/12/22 12:0 a.m.39 views

CVE-2022-29912

Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

6.1CVSS7.6AI score0.00644EPSS
Exploits1
Rows per page
Query Builder