Cross-site scripting (XSS) vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action.
Max CVSS
4.3
EPSS Score
0.42%
Published
2012-02-21
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in the Add friends module in Yoono Desktop Application before 1.8.21 allows remote attackers to inject arbitrary web script or HTML via the create field in a "Create a group" action.
Max CVSS
4.3
EPSS Score
0.22%
Published
2012-02-21
Updated
2017-08-29
Yoono extension before 6.1.1 for Firefox performs certain operations with chrome privileges, which allows user-assisted remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via DOM event handlers such as onload.
Max CVSS
9.3
EPSS Score
1.21%
Published
2009-11-29
Updated
2017-08-17
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!