CVE-2025-69235

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment...

Naver Whale Browser 安全漏洞

Naver Whale Browser is a web browser from Naver, a South Korean company that supports user-defined interfaces. A security vulnerability exists in Naver Whale Browser versions prior to 4.35.351.12, which stems from a same-origin policy bypass in the sidebar environment...

PT-2025-53835

Name of the Vulnerable Software and Affected Versions Whale browser versions prior to 4.35.351.12 Description A flaw exists in Whale browser that allows an attacker to circumvent the Same-Origin Policy within a sidebar environment. This bypass could potentially allow unauthorized access to data o...

CVE-2025-23535 WordPress REAL WordPress Sidebar plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in martinziegert REAL WordPress Sidebar drag-and-drop-custom-sidebar allows Stored XSS.This issue affects REAL WordPress Sidebar: from n/a through = 0.1...

CVE-2022-24004

A Stored Cross-Site Scripting XSS vulnerability was discovered in Messenger/messengerajax.php in REDCap 12.0.11. This issue allows any authenticated user to inject arbitrary code into the messenger title aka newtitle field when editing an existing conversation. The payload executes in the browser...

DEBIAN-CVE-2007-2627

Cross-site scripting XSS vulnerability in sidebar.php in WordPress, when custom 404 pages that call getsidebar are used, allows remote attackers to inject arbitrary web script or HTML via the query string PHPSELF, a different vulnerability than CVE-2007-1622...

CVE-2007-2627

Cross-site scripting XSS vulnerability in sidebar.php in WordPress, when custom 404 pages that call getsidebar are used, allows remote attackers to inject arbitrary web script or HTML via the query string PHPSELF, a different vulnerability than CVE-2007-1622...