91 matches found
CVE-2018-12016
libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls...
Epiphany 3.28.2.1 - Denial of Service
Summary: ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call,...
CVE-2018-11396
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call...
chrome:UXSS via window.open() via file:// pages
VERSION Chrome Version: 51.0.2675.0 canary Operating System: Windows 7 Actually I'm not sure if this is a security issue because I can repro this only when I use the testcase from a local file:/// and when I try it from a server 'http://' it doesn't repro. Please watch the video for the steps...
Memory corruption
Yandex Browser before 16.9.0 allows remote attackers to spoof the address bar via window.open...
CVE-2017-7325
The CVE-2017-7325 vulnerability affects Yandex Browser prior to version 16.9.0, where an attacker could spoof the address bar via window.open. The issue is documented in multiple sources (NVD/CNVD) as a browser-level flaw with the described vector and impact. A fix is available in version 16.9.0 ...
CVE-2017-1000149
Mahara 1.10 before 1.10.9 and 15.04 before 15.04.6 and 15.10 before 15.10.2 are vulnerable to XSS due to window.opener target="blank" and window.open...
Apple WebKit Pop-Up Blocker Bypass Exploit
AppleWebKit suffers from a bypass in the pop-up blocker via a cross-origin or sandboxed iframe. Apple WebKit: Bypass pop-up blocker via cross-origin or sandboxed iframe. CVE-2017-2371 The second argument of window.open is a name for the new window. If there's a frame that has same name, it will t...
Apple WebKit 10.0.2 - Cross-Origin or Sandboxed IFRAME Pop-up Blocker Bypass
DOMWindow::open(const String& urlString, const AtomicString& frameName, const String& windowFeaturesString, DOMWindow& activeWindow, DOMWindow& firstWindow) ... ---------------- 1 ----------------------- if !firstWindow.allowPopUp tree.findframeName return nullptr;...
Microsoft Internet Explorer 5 window.open Search Pane Cross-Zone Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9798/info A vulnerability has been reported in Microsoft Internet Explorer that could enable unauthorized access by malicious scripts and Active Content to document properties across different Security Zones and foreign...
CVE-2014-1510
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call...
Design/Logic Flaw
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call...
CVE-2014-1510
CVE-2014-1510 is a WebIDL-related remote code execution in Mozilla Firefox family (Firefox, Thunderbird, SeaMonkey) where an IDL fragment can trigger window.open with chrome privileges. Affected products and versions are Mozilla Firefox (pre-28.0 and ESR 24.x before 24.4 for some branches), Thund...
Sony Playstation Vita addressbar spoofing
Address bar spoofing via window.open...
CVE-2012-5354
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to conduct clickjacking attacks via vectors involving an XPI file, the window.ope...