Nextcloud: tabnabbing in roundcube webmail

A tab nabbing vulnerability was discovered in Roundcube webmail. This vulnerability allowed a malicious website opened in a new tab to access the initial tab and change its location. This could be exploited to perform phishing attacks...

SUSE CVE-2014-3172

The Debugger extension API in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as...

CVE-2021-25521

Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in Samsung Internet...

Kentico Design Vulnerability

Kentico is the United States Kentico company's set of ASP.NET-based content management system CMS. Kentico versions 11 through 12 allow attackers to upload and browse files without authentication via the cmsmodules/medialibrary/formcontrols/liveselectors/insertimageormedia/tabsmedia.aspx URI...

UBUNTU-CVE-2014-3172

The Debugger extension API in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as...