91 matches found
WordPress plugin Custom Content Scrollbar 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2024-50467
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in siteengineai Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin scrollbar-by-webxapp allows Stored XSS.This issue affects Scrollbar by webxapp – Best vertical/horizontal scrollbars...
CVE-2024-50467 WordPress Scrollbar by webxapp plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in siteengineai Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin scrollbar-by-webxapp allows Stored XSS.This issue affects Scrollbar by webxapp – Best vertical/horizontal scrollbars...
CVE-2024-50467 WordPress Scrollbar by webxapp plugin <= 1.3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in siteengineai Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin scrollbar-by-webxapp allows Stored XSS.This issue affects Scrollbar by webxapp – Best vertical/horizontal scrollbars...
CVE-2024-50467
CVE-2024-50467 refers to a Stored XSS vulnerability in the WordPress plugin “Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin” (affected: versions n/a through 1.3.0). The root cause is improper neutralization of input during web page generation, enabling attacker-supplied content...
WordPress plugin Scrollbar by webxapp 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2024-34243
Name of the Vulnerable Software and Affected Versions: Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin versions n/a through 1.3.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows...
WordPress Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
Software Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50467 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b9d4e089f0a...
WordPress Ultimate Custom ScrollBar Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
Software Ultimate Custom ScrollBar Type Plugin Vulnerable versions = 1.1 Fixed in 1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9b4f77bc482f Credits Rafie Muhammad Patchstack...
WordPress Scrollbar Customizer Plugin <= 1.5.0 is vulnerable to Cross Site Scripting (XSS)
Software Scrollbar Customizer Type Plugin Vulnerable versions = 1.5.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 71d91cdab1e8 Credits Rafie Muhammad Patchstack...
SUSE CVE-2010-3816
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving scrollbars...
SUSE CVE-2013-1735
Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors...
SUSE CVE-2014-3201
core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used in Google Chrome before 38.0.2125.102 on Android, does not properly handle a certain IFRAME overflow condition, which allows remote attackers to spoof content via a crafted web site that interferes with the scrollbar...
openSUSE Security Update : links (openSUSE-2019-2185)
This update for links fixes the following issues : links was updated to 2.20.1 : - libevent bug fixes links was updated to 2.20 : - Security bug fixed: when links was connected to tor, it would send real dns requests outside the tor network when the displayed page contains link elements with...
May 25, 2017—KB4020102 (OS Build 15063.332)
May 25, 2017—KB4020102 OS Build 15063.332 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where NTLM fails to generate a challenge response when CredGuard is enabled, NTLMv...
December 12, 2017—KB4053579 (OS Build 14393.1944)
December 12, 2017—KB4053579 OS Build 14393.1944 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue where users of SQL Server Reporting Services may not be able to use the...
Tor: Scrollbar Width permits detecting browser platform
In April 2017 shortly before this bug bounty program went live, I repeatedly attempted to report this information disclosure vulnerability. However, my emails to the Tor Project's official vulnerability disclosure address went unanswered. It was not until I posted a public blog entry -- with a...
Internet Explorer help
None None...
webkit -- UI spoof
webkit reports: The ScrollView::paint function in platform/scroll/ScrollView.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to spoof the UI by extending scrollbar painting into the parent frame...
CVE2015-0 0 5 7 vulnerability of the sample to construct out-vulnerability warning-the black bar safety net
0x00 Preface Microsoft's latest patch fixes a CVE2015-0 0 5 7 mention the right vulnerability, the same day that the vulnerability discovery has published analytical articles in the One-Bit To Rule Them All: Bypassing Windows’ 1 0 Protections using a Single Bit of action, after reading the articl...