RSS   Vulnerabilities for 'Snowhaze'   RSS

2019-11-14
 
CVE-2019-18949

CWE-20
 

 
SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's browser configuration.

 


Copyright 2024, cxsecurity.com

 

Back to Top