17 matches found
CVE-2013-4106
A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22.
CVE-2013-4108
Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors.
CVE-2013-4109
An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165.
CVE-2013-2258
Cryptocat before 2.0.22 has Nickname User Impersonation
CVE-2013-4101
Cryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness
CVE-2013-4107
Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting
CVE-2013-4103
Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input
CVE-2013-4104
Cryptocat before 2.0.22 has weak encryption in the Socialist Millionnaire Protocol
CVE-2013-4110
Cryptocat has an Unspecified Chat Participant User List Disclosure
CVE-2013-2260
Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
CVE-2013-4100
Cryptocat before 2.0.22 has Remote Denial of Service via username
CVE-2013-2257
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness
CVE-2013-4102
Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness
CVE-2013-2259
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview
CVE-2013-2261
Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure
CVE-2013-4105
Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure
CVE-2013-2262
Cryptocat strophe.js before 2.0.22 has information disclosure