The vulnerability of the X Window System graphical server, as well as the ALT Linux, ROSA Linux, MSVSfer operating systems, allows attackers to increase their privileges.

The vulnerability of the X Window System graphical server, as well as operating systems like ALT Linux and ROSA Linux, is related to deficiencies in access control when transmitting window events initiated by low-privilege graphical applications to windows with high privileges. Exploiting this...

GHSA-F9MQ-JPH6-9MHM Arbitrary file read via window-open IPC in Electron

Impact The vulnerability allows arbitrary local file read by defining unsafe window options on a child window opened via window.open. Workarounds Ensure you are calling event.preventDefault on all new-window events where the url or options is not something you expect. Fixed Versions 9.0.0-beta.21...

WebKit - enqueuePageshowEvent enqueuePopstateEvent Universal Cross-Site Scripting

WebKit - enqueuePageshowEvent enqueuePopstateEvent Universal Cross-Site Scripting view-frame.page; frame.tree.appendChildchildFrame-view-frame; childFrame-open; enqueuePageshowEventPageshowEventPersisted; HistoryItem historyItem = frame.loader.history.currentItem; if historyItem &&...