Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/30 4:57 a.m.•3 views

Adobe Reader fails to properly handle signatures

Overview Adobe Reader fails to properly handle RSA signatures. Adobe Reader contains an issue where it may fail to properly verify RSA signatures. Masahiko Takenaka of FUJITSU LABORATORIES LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

5CVSS7.3AI score0.04894EPSS
Exploits1References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/30 12:0 a.m.•43 views

JVN#51615542: Adobe Reader fails to properly handle signatures

Adobe Reader contains an issue where it may fail to properly verify RSA signatures. Impact An attacker may be able to forge an RSA signature on a PDF document. Solution Update the software Update to the latest version according to the information provided by the developer. Note that this issue wa...

4.3CVSS7AI score0.04894EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/30 12:0 a.m.•34 views

JVN#69880570: Opera address bar spoofing vulnerability

Opera contains a vulnerability where certain characters may be displayed in the address bar, causing 2 URLs to potentially be indistinguishable from each other. Impact Phishing attacks may be possible, due to the difficulty in determining that the URL displayed in the address bar and the URL bein...

5CVSS5.9AI score0.01318EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/17 6:58 a.m.•5 views

mixi for Android information management vulnerability

Overview mixi for Android contains an issue which stores friends' comments on a SD card. mixi for Android provided by mixi, Inc. contains an issue which stores friends' comments on a SD card, therefore other applications can access this information directly from the SD card. Kazuhiko Kusano of...

4.3CVSS6.6AI score0.01066EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/17 6:52 a.m.•5 views

Multiple GREE Android applications vulnerable in the WebView class

Overview Multiple Android applications provided by GREE contain a vulnerability in the WebView class. Multiple Android applications that use the SDK for HTML-based applications provided by GREE contain a vulnerability in the WebView class. Takeshi Terada of Mitsui Bussan Secure Directions, Inc.,...

4.3CVSS6.6AI score0.01066EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/17 12:0 a.m.•43 views

JVN#92038939: mixi for Android information management vulnerability

mixi for Android provided by mixi, Inc. contains an issue which stores friends' comments on a SD card, therefore other applications can access this information directly from the SD card. Impact If a user of the affected product uses a malicious Android application, friends' comments may be...

4.3CVSS6.4AI score0.01066EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/16 12:0 a.m.•35 views

JVN#99192898: Multiple GREE Android applications vulnerable in the WebView class

Multiple Android applications that use the SDK for HTML-based applications provided by GREE contain a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution Updat...

4.3CVSS6.1AI score0.01066EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/10 6:5 a.m.•3 views

Cross-site Scripting Vulnerability in JP1/Integrated Management - Service Support

Overview A cross-site scripting vulnerability was found in JP1/Integrated Management - Service Support. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate...

3.5CVSS6.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/08 5:43 a.m.•6 views

Sleipnir Mobile for Android vulnerable to arbitrary script execution

Overview Sleipnir Mobile for Android contains an arbitrary script execution vulnerability. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an arbitrary script execution vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc...

4.3CVSS6.8AI score0.01161EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/08 5:39 a.m.•6 views

Sleipnir Mobile for Android vulnerable to arbitrary Java method execution

Overview Sleipnir Mobile for Android contains an arbitrary Java method execution vulnerability. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an arbitrary Java method execution vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Direction...

6.8CVSS7AI score0.02031EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/08 12:0 a.m.•54 views

JVN#39519659: Sleipnir Mobile for Android vulnerable to arbitrary script execution

Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an arbitrary script execution vulnerability. Impact If a user uses a certain function of the affected product that called by other malicious Android application, an attacker may be able to execu...

4.3CVSS6.6AI score0.01161EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/08 12:0 a.m.•31 views

JVN#99730704: Sleipnir Mobile for Android vulnerable to arbitrary Java method execution

Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an arbitrary Java method execution vulnerability. Impact When opening a specially crafted website, an attacker may be able to execute an arbitrary Java method. As a result, information stored in...

6.8CVSS6.8AI score0.02031EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/07 4:33 a.m.•6 views

LINE for Android vulnerable in handling of implicit intents

Overview LINE for Android contains a vulnerability in the handling of implicit intents. LINE for Android provided by NHN Japan, is an application for communication with others. LINE for Android contains a vulnerability in the handling of implicit intents. Gaku Mochizuki of Mitsui Bussan Secure...

5CVSS6.5AI score0.01354EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/07 12:0 a.m.•29 views

JVN#67435981: LINE for Android vulnerable in handling of implicit intents

LINE for Android provided by NHN Japan, is an application for communication with others. LINE for Android contains a vulnerability in the handling of implicit intents. Impact Information such as messages sent by LINE may be leaked to a third party through a malicious application. Solution Update...

5CVSS6.2AI score0.01354EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/02 5:46 a.m.•12 views

GoodReader vulnerable to cross-site scripting

Overview GoodReader contains a cross-site scripting vulnerability. GoodReader is a document reader for Apple mobile devices. GoodReader contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5CVSS5.9AI score0.01364EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/02 12:0 a.m.•32 views

JVN#01598734: GoodReader vulnerable to cross-site scripting

GoodReader is a document reader for Apple mobile devices. GoodReader contains a cross-site scripting vulnerability. Impact When GoodReader is used through a web browser, an arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version...

4.3CVSS5.6AI score0.01364EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/30 5:56 a.m.•6 views

Yahoo! Toolbar (for Chrome, Safari) vulnerable to toolbar alteration

Overview Yahoo! Toolbar for Chrome, Safari contains a vulnerability where the toolbar may be altered. Yahoo! Toolbar for Chrome, Safari contains a vulnerability where the toolbar may be altered when visiting a specially crafted web page. Keita Haga of keitahaga.com reported this vulnerability to...

5.8CVSS6.6AI score0.01276EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/30 5:53 a.m.•3 views

Multiple web browsers vulnerable in processing Tranfer-Encoding header

Overview Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. When viewing a malicious web site through a proxy server, part of the HTTP response may be misidentified as ...

2.6CVSS6.6AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/30 12:0 a.m.•45 views

JVN#51769987: Yahoo! Toolbar (for Chrome, Safari) vulnerable to toolbar alteration

Yahoo! Toolbar for Chrome, Safari contains a vulnerability where the toolbar may be altered when visiting a specially crafted web page. Impact A remote attacker may alter the toolbar. As a result, keywords entered in the toolbar may be leaked to a third party. Solution Update the software Update ...

5.8CVSS6.1AI score0.01276EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/30 12:0 a.m.•17 views

JVN#90389651: Multiple web browsers vulnerable in processing Tranfer-Encoding header

Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. When viewing a malicious web site through a proxy server, part of the HTTP response may be misidentified as a response from a different server. Impact An arbitrary script may be executed on the user's web...

6.8AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/24 5:5 a.m.•6 views

Sleipnir Mobile for Android vulnerable in the WebView class

Overview Sleipnir Mobile for Android contains a vulnerability in the WebView class. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this...

5CVSS6.5AI score0.01918EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/24 12:0 a.m.•42 views

JVN#88643450: Sleipnir Mobile for Android vulnerable in the WebView class

Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution...

5CVSS6.2AI score0.01918EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/23 8:13 a.m.•2 views

Privilege escalation vulnerability in Hitachi JP1/NETM/DM

Overview The package setup manager in Hitachi JP1/NETM/DM contains an privilege escalation vulnerability. Impact A remote attacker could gain privileges via unknown attack vectors. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate actio...

7.2CVSS7.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/13 6:0 a.m.•4 views

Yahoo! Browser vulnerable in the WebView class

Overview Yahoo! Browser contains a vulnerability in the WebView class. Yahoo! Browser is a web browser for Android devices. Yahoo! Browser contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinat...

4.3CVSS6.5AI score0.01204EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/13 12:0 a.m.•46 views

JVN#46088915: Yahoo! Browser vulnerable in the WebView class

Yahoo! Browser is a web browser for Android devices. Yahoo! Browser contains a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution Update the software Update t...

4.3CVSS6.1AI score0.01204EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 8:24 a.m.•5 views

Movable Type plugin MT4i vulnerable to cross-site scripting

Overview MT4i contains a cross-site scripting vulnerability. MT4i is a Movable Type plugin. MT4i contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN80835745. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 8:19 a.m.•3 views

YY-BOARD vulnerable to cross-site scripting

Overview YY-BOARD contains a cross-site scripting vulnerability. YY-BOARD is a bulletin-board software. YY-BOARD contains a vulnerability in handling web form entries, which may result in cross-site scripting. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 8:14 a.m.•5 views

Movable Type plugin MT4i vulnerable to cross-site scripting

Overview MT4i contains a cross-site scripting vulnerability. MT4i is a Movable Type plugin. MT4i contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN79111101. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 8:11 a.m.•2 views

Ruby hash table implementation vulnerable to denial-of-service

Overview The hash table implementation in Ruby contains a denial-of-service DoS vulnerability. The hash table implementation in Ruby contains an issue, where it may intentionally create a series of strings whose hash values collide. As a result, a denial-of-service DoS attack may be conducted...

7.8CVSS7.3AI score0.04246EPSS
Exploits2References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 12:0 a.m.•64 views

JVN#03582364: YY-BOARD vulnerable to cross-site scripting

YY-BOARD is a bulletin-board software. YY-BOARD contains a vulnerability in handling web form entries, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...

4.3CVSS6.2AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 12:0 a.m.•31 views

JVN#90615481: Ruby hash table implementation vulnerable to denial-of-service

The hash table implementation in Ruby contains an issue, where it may intentionally create a series of strings whose hash values collide. As a result, a denial-of-service DoS attack may be conducted. Impact When processing a series of specially crafted strings, a denial-of-service DoS may occur...

7.8CVSS8.3AI score0.04246EPSS
Exploits2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 12:0 a.m.•40 views

JVN#79111101: Movable Type plugin MT4i vulnerable to cross-site scripting

MT4i is a Movable Type plugin. MT4i contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN80835745. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the informati...

4.3CVSS5.7AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 12:0 a.m.•29 views

JVN#80835745: Movable Type plugin MT4i vulnerable to cross-site scripting

MT4i is a Movable Type plugin. MT4i contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN79111101. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the informati...

4.3CVSS5.7AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/03 5:57 a.m.•6 views

Yome Collection for Android issue in management of IMEI

Overview Yome Collection for Android contains an issue which stores the International Mobile Equipment Identity IMEI on a SD card. Applications without the READPHONESTATE permission may obtain the IMEI from the SD card. Kazuhiko Kusano of Graduate School of Information Sciences, Tohoku University...

5CVSS6.5AI score0.01369EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/03 5:49 a.m.•4 views

Zenphoto vulnerable to cross-site scripting

Overview Zenphoto contains a cross-site scripting vulnerability. Zenphoto is a content management system CMS. Zenphoto contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Ear...

5CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/03 12:0 a.m.•23 views

JVN#05102851: Yome Collection for Android issue in management of IMEI

Yome Collection for Android contains an issue which stores the International Mobile Equipment Identity IMEI on a SD card. Applications without the READPHONESTATE permission may obtain the IMEI from the SD card. Impact If a user of the affected product uses a malicious Android application, the IME...

5CVSS6.4AI score0.01369EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/03 12:0 a.m.•30 views

JVN#59842447: Zenphoto vulnerable to cross-site scripting

Zenphoto is a content management system CMS. Zenphoto contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the developer. Products...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 5:38 a.m.•2 views

Python SimpleHTTPServer vulnerable to cross-site scripting

Overview The SimpleHTTPServer in Python contains a cross-site scripting vulnerability. Keigo Yamazaki of Little eArth Corporation Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script...

2.6CVSS6.1AI score0.03213EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 5:31 a.m.•2 views

WEB PATIO vulnerable to cross-site scripting

Overview WEB PATIO contains a cross-site scripting vulnerability. WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling web form entries, which may result in cross-site scripting. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated wi...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 5:0 a.m.•3 views

SmallPICT vulnerable to cross-site scripting

Overview SmallPICT contains a cross-site scripting vulnerability. SmallPICT is a bulletin-board software. SmallPICT contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 3:35 a.m.•6 views

WEB PATIO vulnerable to cross-site scripting

Overview WEB PATIO contains a cross-site scripting vulnerability. WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling cookies, which may result in cross-site scripting. Taketo Ikeuchi of Hitachi Solutions, Ltd. reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 12:0 a.m.•38 views

JVN#58102473: WEB PATIO vulnerable to cross-site scripting

WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling cookies, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...

4.3CVSS6.3AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 12:0 a.m.•42 views

JVN#33171616: WEB PATIO vulnerable to cross-site scripting

WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling web form entries, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...

4.3CVSS6.1AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 12:0 a.m.•31 views

JVN#36993373: SmallPICT vulnerable to cross-site scripting

SmallPICT is a bulletin-board software. SmallPICT contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer. Products Affecte...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 12:0 a.m.•76 views

JVN#51176027: Python SimpleHTTPServer vulnerable to cross-site scripting

The SimpleHTTPServer in Python contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's Internet Explorer. According to the developer, this issue exists only when using Internet Explorer 7. Solution Update the software Update to the latest version...

2.6CVSS6.1AI score0.03213EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/14 5:20 a.m.•5 views

Dolphin Browser vulnerable in the WebView class

Overview Dolphin Browser contains a vulnerability in the WebView class. Dolphin Browser is a web browser for Android devices. Dolphin Browser HD and Dolphin for Pad contain a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to...

4.3CVSS6.5AI score0.01066EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/14 12:0 a.m.•39 views

JVN#90751882: Dolphin Browser vulnerable in the WebView class

Dolphin Browser is a web browser for Android devices. Dolphin Browser HD and Dolphin for Pad contain a vulnerability in the WebView class. Impact If a user of the affected product uses other malicious Android application, information managed by the affected product may be disclosed. Solution Upda...

4.3CVSS6.2AI score0.01066EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/11 6:5 a.m.•4 views

Flash Player issue in implementations of the Same Origin Policy

Overview Flash Player contains an issue in implementations of the Same Origin Policy. SoundMixer.computeSpectrum method, included in Flash Player, contains an issue in implementations of the Same Origin Policy. Mitsuaki Shiraishi of Symantec Japan, Inc. reported this vulnerability to IPA. JPCERT/...

4.3CVSS6.6AI score0.03655EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/11 12:0 a.m.•35 views

JVN#38163638: Flash Player issue in implementations of the Same Origin Policy

SoundMixer.computeSpectrum method, included in Flash Player, contains an issue in implementations of the Same Origin Policy. Impact An attacker may obtain sound spectrum data that user playing in violation of the same-origin policy. Solution Update the Software Update to the latest version...

4.3CVSS5.8AI score0.03655EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/07 6:39 a.m.•5 views

FeedDemon vulnerable to arbitrary script execution

Overview FeedDemon is vulnerable to arbitrary script execution. FeedDemon is an RSS/Atom feed reader. FeedDemon is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information when using the "feed preview" option. Daiki Fukumori of Cybe...

4.3CVSS6.9AI score0.01803EPSS
Exploits0References5
Total number of security vulnerabilities5625