GHSA-W7GH-F2FM-9Q8R PEAR HTTP_Request2 vulnerable to Cross-site Scripting

In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...

CVE-2025-43717

In PEAR HTTPRequest2 before 2.7.0, multiple files in the tests directory, notably tests/network/getparameters.php and tests/network/postparameters.php, reflect any GET or POST parameters, leading to XSS...

CVE-2022-36318

When visiting directory listings for chrome:// URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

Design/Logic Flaw

When visiting directory listings for chrome:// URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

CVE-2022-36318

When visiting directory listings for chrome:// URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR 102.1, Firefox ESR 91.12, Firefox 103, Thunderbird 102.1, and Thunderbird 91.12...

AlmaLinux 8 : firefox (5777) (ALSA-2022:5777)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:5777 advisory. - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102. Some of these bugs showed evidence of memory...

Oracle Linux 8 : firefox (ELSA-2022-5777)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5777 advisory. 91.12.0-2.0.1 - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 91.12.0-1 - Update to 91.12...

Mozilla: Directory indexes for bundled resources reflected URL parameters

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when visiting directory listings for chrome:// URLs as source text, some parameters were reflected...

Mozilla: Directory indexes for bundled resources reflected URL parameters

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when visiting directory listings for chrome:// URLs as source text, some parameters were reflected...

Mozilla: Directory indexes for bundled resources reflected URL parameters

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when visiting directory listings for chrome:// URLs as source text, some parameters were reflected...

Mozilla: Directory indexes for bundled resources reflected URL parameters

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when visiting directory listings for chrome:// URLs as source text, some parameters were reflected...

Mozilla: Directory indexes for bundled resources reflected URL parameters

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when visiting directory listings for chrome:// URLs as source text, some parameters were reflected...

Sigurlx - A Web Application Attack Surface Mapping Tool

sigurlx a web application attack surface mapping tool, it does ...: Categorize URLs URLs' categories: endpoint js js style css data json|xml|csv archive zip|tar|tar.gz doc pdf|xlsx|doc|docx|txt media jpg|jpeg|png|ico|svg|gif|webp|mp3|mp4|woff|woff2|ttf|eot|tif|tiff Next, probe HTTP requests to th...

CareerUp < 2.3.1 - Unauthenticated Reflected Cross-Site Scripting

There are unauthenticated reflected Cross-Site Scripting XSS vulnerabilities in CareerUp theme, via the filter parameters. Edit WPScanTeam May 27th, 2020 - Vendor Contacted by Original Submitter. May 29th, 2020 - v2.3.0 Released. Unclear if issue fixed. June 18th, 2020 - Another submitter Vlad...