CVE-2019-6031

Kinza browser (Windows, v5.9.2 and earlier; Mac, v5.0.0 and earlier) is affected by a cross-site scripting vulnerability (CWE-79) in the RSS reader, allowing an attacker to inject arbitrary web script or HTML. The available sources indicate that exploitation is feasible if Content Security Policy...

CVE-2019-6031

Cross-site scripting vulnerability in KINZA for Windows version 5.9.2 and earlier and for Mac version 5.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via RSS reader...

CVE-2017-5453

A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox 53...

Spoofing

A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox 53...

CVE-2017-5453

CVE-2017-5453 affects Mozilla Firefox

CVE-2017-5453

A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox 53...

Mozilla Patches Critical Bug in Thunderbird

Mozilla issued a critical security update to its popular open-source Thunderbird email client. The patch was part of a December release of five fixes that included two bugs rated high and one rated moderate and another low. Mozilla said Thunderbird, which is also serves as a news, RSS and chat...

CVE-2017-5453

A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox 53...

CVE-2017-5453

A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox 53...

UBUNTU-CVE-2017-5453

A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox 53...

Open-Xchange (OX) App Suite Multiple Vulnerabilities -02 (Jan 2017)

Open-Xchange OX App Suite is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-6852

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Users can provide local file paths to the RSS reader; the response and error code give hints about whether the provided file exists or not. Attackers may discover specific system files or library versions on the middleware...

Open redirect

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Users can provide local file paths to the RSS reader; the response and error code give hints about whether the provided file exists or not. Attackers may discover specific system files or library versions on the middleware...

CVE-2016-6852

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Users can provide local file paths to the RSS reader; the response and error code give hints about whether the provided file exists or not. Attackers may discover specific system files or library versions on the middleware...

CVE-2016-6852

Open-Xchange OX App Suite is affected by CVE-2016-6852. The vulnerability exists in versions prior to 7.8.2-rev8 and arises from allowing users to supply local file paths to the RSS reader. The response and error handling can reveal whether a given path exists, enabling attackers to enumerate spe...

technos-k.jp XSS vulnerability

Vulnerable URL: http://technos-k.jp/rssreader/stylepreview.php Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check technos-k.jp SS...

nrss reader 0.3.9 logic denial of service vulnerability

No description provided by source. Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: NRSS RSS Reader Version: 0.3.9-1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program descriptio...

NRSS News Reader 0.3.9-1 Stack Buffer Overflow

Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: NRSS RSS Reader Version: 0.3.9-1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: NRSS is a console based RSS read...

NRSS Reader 0.3.9 - Local Stack Overflow

NRSS Reader 0.3.9 - Local Stack Overflow Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: NRSS RSS Reader Version: 0.3.9-1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program...

NRSS Reader 0.3.9 - Local Stack Based Overflow

Exploit for linux platform in category local exploits Program affected: NRSS RSS Reader Version: 0.3.9-1 Tested and developed under: Kali Linux 2.0 x86 - https://www.kali.org Program description: NRSS is a console based RSS reader allowing uses to read and manage RSS feeds Kali Linux 2.0 package:...