8 matches found
Improper Validation of Specified Quantity in Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input when handling InternetDomainName values. An attacker can access cookies set by the application across subdomains by controlling a website that shares the same top-level domain...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview flarum/core is a simple discussion platform for your website. Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via authoritative subdomain cookie overwrite. An attacker controlling a...
OESA-2023-1515 python-werkzeug security update
werkzeug German noun: "tool". Etymology: werk "work", zeug "stuff" Werkzeug is a comprehensive WSGI web application library. It began as a simple collection of various utilities for WSGI applications and has become one of the most advanced WSGI utility libraries. It includes: - An interactive...
CVE-2023-23849
Versions of Coverity Connect prior to 2022.12.0 are vulnerable to an unauthenticated Cross-Site Scripting vulnerability. Any web service hosted on the same sub domain can set a cookie for the whole subdomain which can be used to bypass other mitigations in place for malicious purposes...
CVE-2007-0742
The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information...
Information disclosure
The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information...
CVE-2007-0742
CVE-2007-0742 : The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, enabling remote attackers to obtain sensitive information. Affected: Mac OS X 10.3.9 and earlier (WebFoundation-related cookie handling). Impact: potentia...
CVE-2007-0742
The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information...