Lucene search
K

80 matches found

Hacker One
Hacker One
added 2018/09/07 8:39 p.m.32 views

Ruby on Rails: ActiveStorage service's signed URLs can be hijacked via AppCache+Cookie stuffing trick when using GCS or DiskService

ActiveStorage tries to force content-disposition: attachment for a list of content-types, including text/html. However, response-content-type and response-content-disposition in GCS and DiskService's URLs aren't signed, which means an attacker can modify them at will. This is not the case for Azu...

4.3CVSS1.4AI score0.01311EPSS
Exploits1
RubySec
RubySec
added 2018/05/23 12:0 a.m.39 views

ruby-grape Gem has XSS via "format" parameter

When request on API contains the "format" parameter in GET, the input value of this parameter is rendered as the web-server responds with text/html header. Example: http://example.com/api/endpoint?format=%3Cscript%3Ealertdocument.cookie%3C/script%3E...

6.1CVSS1.5AI score0.01428EPSS
Exploits1References1Affected Software1
Kitploit
Kitploit
added 2017/09/20 2:0 p.m.27 views

dcrawl - Simple, But Smart, Multi-Threaded Web Crawler For Randomly Gathering Huge Lists Of Unique Domain Names

dcrawl is a simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. How it works? dcrawl takes one site URL as input and detects all links in the site's body. Each found link is put into the queue. Successively, each queued link is crawled in the sa...

7.1AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2017/05/08 6:45 a.m.6 views

Mozilla: Origin confusion when reloading isolated data:text/html URL (MFSA 2017-12)

If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly. This allows for a cross-site scripting XSS attack. This vulnerability affects Thunderbi...

6.1CVSS7AI score0.01546EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2017/04/21 12:49 a.m.8 views

Mozilla: Origin confusion when reloading isolated data:text/html URL (MFSA 2017-12)

If a page is loaded from an original site through a hyperlink and contains a redirect to a "data:text/html" URL, triggering a reload will run the reloaded "data:text/html" page with its origin set incorrectly. This allows for a cross-site scripting XSS attack. This vulnerability affects Thunderbi...

6.1CVSS7AI score0.01546EPSS
Exploits1References5
OSV
OSV
added 2017/01/12 11:59 p.m.17 views

CVE-2016-5737

The Gerrit configuration in the Openstack Puppet module for Gerrit aka puppet-gerrit improperly marks text/html as a safe mimetype, which might allow remote attackers to conduct cross-site scripting XSS attacks via a crafted review...

6.1CVSS5.9AI score
Exploits0References3
OSV
OSV
added 2016/12/20 10:59 p.m.3 views

DEBIAN-CVE-2016-5303

Cross-site scripting XSS vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via crafted data:text/html content in a form 1 action or 2 xlink attribute...

6.1CVSS6AI score0.01509EPSS
Exploits0References1
OSV
OSV
added 2016/12/20 10:59 p.m.14 views

UBUNTU-CVE-2016-5303

Cross-site scripting XSS vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via crafted data:text/html content in a form 1 action or 2 xlink attribute...

6.1CVSS6.5AI score0.01509EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2015/06/22 12:0 a.m.32 views

devel/ipython -- remote execution

Kyle Kelley reports: Summary: JSON error responses from the IPython notebook REST API contained URL parameters and were incorrectly reported as text/html instead of application/json. The error messages included some of these URL params, resulting in a cross site scripting attack. This affects use...

6.1CVSS6.6AI score0.01762EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2015/03/27 6:14 a.m.17 views

jcsmsy.jconline.cn XSS vulnerability

Open Bug Bounty ID: OBB-56765 Description| Value ---|--- Affected Website:| jcsmsy.jconline.cn Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...

6.4AI score
Exploits0
Hacker One
Hacker One
added 2014/04/21 7:45 p.m.42 views

Cloudflare: Content spoofing /CSRF at https://www.cloudflare.com/ajax/modal-dialog.html

Hi there, I noticed two things on the following url: https://www.cloudflare.com/ajax/modal-dialog.html 1. CSRF There are some csrf countermeasures in place e.g. X-Requested-With: XMLHttpRequest, however they're not validated on the server. This leads to an uncritical csrf: 2. Content spoofing Usi...

6.7AI score
Exploits0
Atlassian
Atlassian
added 2013/01/02 4:17 a.m.25 views

Reflected xss in the jira-gadgets-plugin getLabelGroups rest resource

The jira-gadgets-plugin LabelsResource class exposes a getLabelGroups rest resource that is vulnerable to reflected xss through the user supplied 'project' path parameter. The vulnerability is caused by building an error response message with a content type of text/html and not html encoding the...

0.2AI score
Exploits0
Mozilla
Mozilla
added 2012/08/28 12:0 a.m.46 views

DOMParser loads linked resources in extensions when parsing text/html — Mozilla

Security researcher vsemozhetbyt reported that when the DOMParser is used to parse text/html data in a Firefox extension, linked resources within this HTML data will be loaded. If the data being parsed in the extension is untrusted, it could lead to information leakage and can potentially be...

4.3CVSS8.9AI score0.01869EPSS
Exploits0References2Affected Software3
NVD
NVD
added 2012/07/21 3:38 a.m.16 views

CVE-2012-2364

Cross-site scripting XSS vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a...

3.5CVSS5.1AI score0.00795EPSS
Exploits0References2
seebug.org
seebug.org
added 2010/03/21 12:0 a.m.56 views

Citrix Web Interface源码信息泄露漏洞

BUGTRAQ ID: 38838 Citrix Web Interface是Citrix Presentation Server上使用的免费附件组件,允许用户使用浏览器连接到应用。 Citrix Web Interface的ClientScripts文件夹中的JavaScript文件包含有ASP.NET代码,Citrix ASPX文件会引用这些文件用于解析JS文件中的ASP.NET内容,解析后所生成的JavaScript内容在浏览器中ASPX页面显示。...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2009/08/31 12:0 a.m.6 views

PT-2009-5350 · Mozilla · Firefox +1

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 3.0.13 and earlier Mozilla Firefox version 3.5 Mozilla Firefox version 3.6 a1 pre Mozilla Firefox version 3.7 a1 pre SeaMonkey version 1.1.17 Mozilla versions 1.7.x and earlier Description: The issue allows remote...

4.3CVSS5.3AI score0.01851EPSS
Exploits1References4
NVD
NVD
added 2005/11/29 9:3 p.m.29 views

CVE-2005-3895

Open Ticket Request System OTRS 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which allows remote attackers to execute arbitrary w...

5.8CVSS6.2AI score0.0205EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.27 views

Debian DSA-163-1 : mhonarc - XSS

Jason Molenda and Hiromitsu Takagi foundways to exploit cross site scripting bugs in mhonarc, a mail to HTML converter. When processing maliciously crafted mails of type text/html mhonarc does not deactivate all scripting parts properly. This is fixed in upstream version 2.5.3. If you are worried...

7.5CVSS5AI score0.02515EPSS
Exploits0References3
securityvulns
securityvulns
added 2000/04/08 12:0 a.m.44 views

Esafe Protect Gateway (CVP) does not scan virus under some conditions

Hi, After notification of the manufacturer here is the full report on a problem noted with Esafe Protect Gateway. SUMMARY ------- The Esafe Protect Gateway ESPG does not scan some files in combination with FireWall-1 and CVP. DETAILS ------- If you want the Esafe Protect Gateway to scan all conte...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2000/03/23 12:0 a.m.22 views

Уязвимость в ESAFE

при получении документа из Internet если его MIME-тип соответствует text/html он не проверяется...

0.9AI score
Exploits0References1
Rows per page
Query Builder