Lucene search
K

93 matches found

OSV
OSV
added 2025/01/28 12:47 a.m.7 views

GO-2025-3420 Sensitive headers incorrectly sent after cross-domain redirect in net/http

The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however,...

6.1CVSS6.7AI score0.00647EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/01/20 3:52 a.m.1 views

SUSE CVE-2024-45336

The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however,...

5.9CVSS8.1AI score0.00647EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2024/10/11 3:33 a.m.3 views

SUSE CVE-2023-29547

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for...

6.5CVSS8.5AI score0.00469EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.163 views

Flash Rosetta JSONP GET/POST Response Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Flash "Rosetta" JSONP GET/POST Response Disclosure', 'Description' = %q A website that serves a JSONP endpoint that accepts a custo...

4.3CVSS6.9AI score0.23024EPSS
Exploits4
OSV
OSV
added 2024/07/16 5:3 p.m.5 views

CVE-2024-40626 Stored Cross-site Scripting (XSS) vulnerability in Outline editor

Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting XSS vulnerability in Outline. An authenticated user can create a document containing a malicious JavaScript payload. When other...

7.3CVSS5.3AI score0.00515EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2024/05/21 2:1 a.m.4 views

SUSE CVE-2024-1968

In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme e.g., HTTPS to HTTP but remain within the same domain. This behavior contravenes the Fetch standard, which mandates the removal of Authorization headers in...

6.5CVSS6.3AI score0.00682EPSS
Exploits1References3
OSV
OSV
added 2024/05/20 9:30 a.m.1 views

GHSA-CG34-W3FM-82H3 Duplicate Advisory: Scrapy leaks the authorization header on same-domain but cross-origin redirects

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4qqq-9vqf-3h3f. This link is maintained to preserve external references. Original Description In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only...

7.5CVSS6.9AI score0.00682EPSS
Exploits1References3
OSV
OSV
added 2024/05/20 8:15 a.m.2 views

DEBIAN-CVE-2024-1968

In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme e.g., HTTPS to HTTP but remain within the same domain. This behavior contravenes the Fetch standard, which mandates the removal of Authorization headers in...

7.5CVSS7.4AI score0.00682EPSS
Exploits1References1
OSV
OSV
added 2024/05/14 8:14 p.m.1 views

GHSA-4QQQ-9VQF-3H3F Scrapy leaks the authorization header on same-domain but cross-origin redirects

Impact Since version 2.11.1, Scrapy drops the Authorization header when a request is redirected to a different domain. However, it keeps the header if the domain remains the same but the scheme http/https or the port change, all scenarios where the header should also be dropped. In the context of...

5.9CVSS7.1AI score0.00682EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2024/05/14 8:14 p.m.18 views

Scrapy leaks the authorization header on same-domain but cross-origin redirects

Impact Since version 2.11.1, Scrapy drops the Authorization header when a request is redirected to a different domain. However, it keeps the header if the domain remains the same but the scheme http/https or the port change, all scenarios where the header should also be dropped. In the context of...

7.5CVSS7AI score0.00682EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/04/26 9:15 p.m.2 views

UBUNTU-CVE-2024-32887

Sidekiq is simple, efficient background processing for Ruby. Sidekiq is reflected XSS vulnerability. The value of substr parameter is reflected in the response without any encoding, allowing an attacker to inject Javascript code into the response of the application. An attacker could exploit it t...

5.5CVSS5.8AI score0.00594EPSS
Exploits0References5
OSV
OSV
added 2024/03/24 1:15 a.m.4 views

DEBIAN-CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

5.3CVSS7.3AI score0.00557EPSS
Exploits0References1
OSV
OSV
added 2023/10/10 5:15 p.m.5 views

CVE-2023-36556

An incorrect authorization vulnerability CWE-863 in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login on other users accounts from the same web domain via crafted HTTP or HTTPs requests...

8.8CVSS5.8AI score0.00838EPSS
Exploits0References1
OSV
OSV
added 2023/06/02 5:15 p.m.4 views

CVE-2023-29547

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for...

6.5CVSS7AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/06/02 5:15 p.m.2 views

CVE-2023-29547

When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for...

6.5CVSS6.8AI score0.00469EPSS
Exploits0References3
OSV
OSV
added 2023/05/11 7:15 p.m.6 views

CVE-2023-2444

A cross site request forgery vulnerability exists in Rockwell Automation's FactoryTalk Vantagepoint. This vulnerability can be exploited in two ways. If an attacker sends a malicious link to a computer that is on the same domain as the FactoryTalk Vantagepoint server and a user clicks the link, t...

8.8CVSS6.8AI score0.00378EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.4 views

SUSE CVE-2002-1467

Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via 1 an HTTP redirect, 2 a "file://" base in a web document, or 3 a relative URL from a web archive mht file...

5CVSS7AI score0.01907EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-1084

Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is executed in the context of the last visited web page...

6.8CVSS6.6AI score0.01467EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/27 9:15 p.m.5 views

CVE-2022-36956

In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. The affects 9.0.x through 9.0.0.1 and 9.1.x through 9.1.0.1...

9CVSS6.1AI score0.00458EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/02/01 12:21 p.m.35 views

CVE-2021-24814 WordPress GDPR & CCPA < 1.9.26 - Authenticated Reflected Cross-Site Scripting

The checkprivacysettings AJAX action of the WordPress GDPR WordPress plugin before 1.9.26, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web...

9.5AI score0.02085EPSS
Exploits2References1
Rows per page
Query Builder