114 matches found
MINI-CHGF-9V3C-9XHR
Bulletin has no description...
CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
CVE-2026-26477
An issue in Dokuwiki v.2025-05-14b 'Librarian' allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...
MiracleLinux 7 : firefox-91.4.0-1.0.1.el7.AXS7 (AXSA:2021-2597:33)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2597:33 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...
Mozilla Firefox < 22.0
The version of Firefox installed on the remote macOS or Mac OS X host is prior to 22.0. It is, therefore, affected by a vulnerability as referenced in the mfsa2013-54 advisory. - Do not send data XHR HEAD requestCVE-2013-1692 CVE-2013-1692 Note that Nessus has not tested for this issue but has...
EUVD-2024-52857
Malicious code in bioql PyPI...
CVE-2024-55948
Discourse is an open source platform for community discussion. In affected versions an attacker can make craft an XHR request to poison the anonymous cache for example, the cache may have a response with missing preloaded data. This issue only affects anonymous visitors of the site. This problem...
CVE-2024-55948
Discourse is an open source platform for community discussion. In affected versions an attacker can make craft an XHR request to poison the anonymous cache for example, the cache may have a response with missing preloaded data. This issue only affects anonymous visitors of the site. This problem...
CVE-2024-55948 Anonymous cache poisoning via XHR requests in Discourse
Discourse is an open source platform for community discussion. In affected versions an attacker can make craft an XHR request to poison the anonymous cache for example, the cache may have a response with missing preloaded data. This issue only affects anonymous visitors of the site. This problem...
CVE-2024-55948 Anonymous cache poisoning via XHR requests in Discourse
Discourse is an open source platform for community discussion. In affected versions an attacker can make craft an XHR request to poison the anonymous cache for example, the cache may have a response with missing preloaded data. This issue only affects anonymous visitors of the site. This problem...
CVE-2024-55948
CVE-2024-55948 describes an anonymous cache poisoning vulnerability in Discourse. In affected versions, an attacker can craft an XHR request to contaminate the anonymous cache, potentially causing a response with missing preloaded data and affecting only anonymous visitors. Mitigation in the prov...
BIT-DISCOURSE-2024-47773 Anonymous cache poisoning via XHR requests in Discourse
Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affects anonymous visitors of the site. This problem has been patched in the latest version of Discourse...
CVE-2024-47773
Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affects anonymous visitors of the site. This problem has been patched in the latest version of Discourse...
CVE-2024-47773 Anonymous cache poisoning via XHR requests in Discourse
Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affects anonymous visitors of the site. This problem has been patched in the latest version of Discourse...
CVE-2024-47773 Anonymous cache poisoning via XHR requests in Discourse
Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affects anonymous visitors of the site. This problem has been patched in the latest version of Discourse...
CVE-2024-47773
Discourse CVE-2024-47773 describes an anonymous cache-poisoning vulnerability triggered by multiple XHR requests that can contaminate the cache for anonymous visitors. Affected software is Discourse (noted in multiple sources) with patches in the latest released version; remediation guidance also...
ICEcoder 安全漏洞
ICEcoder is a browser-based code editor from ICEcoder open source. Allows users to code online or offline directly in a web browser. A security vulnerability exists in ICEcoder version 8.1, which originated from a discovery via lib/terminal-xhr.php that contained a cross-site scripting...
Malicious code in crossdomain-xhr (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ab343d1f78365f0bc2589bd835b94aa0fd90723d8e80a9d0b774a3a99589b0f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8717 Malicious code in crossdomain-xhr (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ab343d1f78365f0bc2589bd835b94aa0fd90723d8e80a9d0b774a3a99589b0f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Confluence XHR requests have the wrong content type
h3. Problem Watching or Stop watching a Confluence page and other operations see below list of identified endpoints will generate a request like the one below copied as curl from HAR capture for convenience: code:java curl 'https://confluence/rest/api/user/watch/content/9999999' \ -X 'DELETE' \ -...