Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-23974: Bug List

The DOMParser API did not properly process ‘<noscript>’ elements for escaping. This could be used as an mXSS vector to bypass an HTML Sanitizer. This vulnerability affects Firefox < 86.

CVE
Open in Source
#xss#vulnerability#perl#firefox

Mon May 23 2022 12:34:31 PDT

  • Bug ID: 1528997, 1683627?cve=title

ID

Type

Summary

Product

Comp

Assignee▲

Status▲

Resolution

Updated

1528997

mXSS: Potential XSS via noscript tags parsed by DOMParser APIs

Core

DOM: Serializers

hsivonen

RESO

FIXE

2021-11-22

1683627

Serialization bug in <noscript> may lead to sanitizers bypass and XSS

Core

DOM: Serializers

hsivonen

RESO

FIXE

2021-11-22

2 bugs found.

REST | CSV | Feed | iCalendar
Change Columns

Edit Search

as

File a new bug in the “Core” product

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE