5 matches found
Cross site scripting
A cross-site scripting XSS vulnerability exists in MISP v2.4.128 in app/Controller/UserSettingsController.php at SetHomePage function. Due to a lack of controller validation in "path" parameter, an attacker can execute malicious JavaScript code...
CVE-2020-24085
A cross-site scripting XSS vulnerability exists in MISP v2.4.128 in app/Controller/UserSettingsController.php at SetHomePage function. Due to a lack of controller validation in "path" parameter, an attacker can execute malicious JavaScript code...
NtlmRelayToEWS - Ntlm Relay Attack To Exchange Web Services
ntlmRelayToEWS is a tool for performing ntlm relay attacks on Exchange Web Services EWS. It spawns an SMBListener on port 445 and an HTTPListener on port 80, waiting for incoming connection from the victim. Once the victim connects to one of the listeners, an NTLM negociation occurs and is relaye...
CVE-2009-3944
This CVE concerns the BlackBerry Browser on the BlackBerry 8800. It describes a remotely triggerable denial of service caused by a JavaScript loop that configures the home page via the setHomePage method and a DHTML behavior property. The statement implies the vulnerability arises from how the pa...
Microsoft Internet Explorer DoS
Unremovable dialog with cycled setHomePage...