Lucene search
K

9 matches found

NVD
NVD
added 2026/06/29 10:16 a.m.9 views

CVE-2026-13601

A flaw was found in Yelp due to an overly permissive Content Security Policy CSP implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG document,...

7.1CVSS0.0012EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/29 9:20 a.m.6 views

CVE-2026-13601 Yelp: yelp-xsl: overly permissive content security policy in yelp allows host file disclosure from flatpak applications

A flaw was found in Yelp due to an overly permissive Content Security Policy CSP implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG document,...

7.1CVSS5.9AI score0.0012EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 9:20 a.m.6 views

EUVD-2026-40066

A flaw was found in Yelp due to an overly permissive Content Security Policy CSP implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG document,...

7.1CVSS5.9AI score0.0012EPSS
Exploits0References5
CVE
CVE
added 2026/06/29 9:20 a.m.22 views

CVE-2026-13601

CVE-2026-13601 involves Yelp’s yelp-xsl CSP implementation. A malicious Flatpak can exploit an overly permissive CSP in Yelp by loading crafted help content via OpenURI, embedding an untrusted CSS stylesheet inside a structured SVG. This enables attacker-controlled content to bypass the Flatpak s...

7.1CVSS5.9AI score0.0012EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/01/21 1:1 a.m.8 views

EUVD-2026-3296

Mailpit has a Server-Side Request Forgery SSRF via HTML Check API...

5.8CVSS5.3AI score0.00396EPSS
Exploits1References4
Snyk
Snyk
added 2026/01/19 7:47 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the inlineRemoteCSS function during the HTML email analysis process. An attacker can cause the server to make arbitrary HTTP requests to external resources by supplying crafted HTML emails containing...

7.5CVSS5.8AI score0.00396EPSS
Exploits1References2
CVE
CVE
added 2026/01/19 7:1 p.m.30 views

CVE-2026-23845

Mailpit (github.com/axllent/mailpit) is affected by SSRF via the HTML Check API. The HTMLCheck flow processes HTML emails by inlining external CSS files through inlineRemoteCSS(), which fetches URLs found in tags. Root cause: insufficient URL validation and unrestricted external fetching in isUR...

7.5CVSS5.5AI score0.00396EPSS
Exploits1References3Affected Software1
seebug.org
seebug.org
added 2010/09/03 12:0 a.m.18 views

uchome 2.0 存在持久XSS漏洞

看源码分析的,出错位置较敏感,而且基本没有利用限制,个人主页自定义风格时,可@import外部css文件 uchome 2.0 临时解决方法: implode应该是import的笔误 /expression|vbscript|javascript|import/i 以下在uchome 简体utf-8 2.0测试IE6,IE7,IE8通过. @import urlhttp://xxx.com/1.css; 包含远程css文件,可以在1.css中写入XSS利用. 分析代码 cptheme.php 92行17行调用 function checksecurity$str...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/02/17 9:12 p.m.6 views

firefox/thunderbird/seamonkey: browser chrome defacement via cached XUL stylesheets (MFSA 2010-14)

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...

5CVSS7.4AI score0.01689EPSS
Exploits1References4
Rows per page
Query Builder