233 matches found
CVE-2023-5758
When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting XSS attack. This vulnerability affects Firefox for iOS 119...
PT-2023-6526 · Mozilla · Firefox
Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 119 Description: The issue is related to the reader mode in Firefox, where the structure of a web page is not properly protected, allowing for potential exploitation. This could lead to a reflected Cross-Site...
Security Vulnerabilities fixed in Firefox for iOS 119 — Mozilla
When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting XSS attack...
WordPress Reader Mode - Distraction-Free Content Reader Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Reader Mode - Distraction-Free Content Reader Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5a7281cdb812 Credits Rafi...
SUSE CVE-2012-3987
Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site...
SUSE CVE-2015-0798
The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origi...
SUSE CVE-2015-4508
Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relationship between address-bar URLs and web content via a crafted web site...
SUSE CVE-2017-7762
When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...
SUSE CVE-2019-13692
Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...
SUSE CVE-2020-6465
Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
SUSE CVE-2021-21163
Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server...
SUSE CVE-2021-30518
Heap buffer overflow in Reader Mode in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
SUSE CVE-2021-45087
XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...
SUSE CVE-2022-0453
Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...
SUSE CVE-2022-29912
Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
CVE-2022-29912
Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
DEBIAN-CVE-2022-29912
Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
Design/Logic Flaw
Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
CVE-2022-29912
Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
CVE-2022-29912
Requests initiated through reader mode did not properly omit cookies with a SameSite attribute. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...