Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross domain local storage project cross domain local storage vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2015-9544
An issue exists in xdLocalStorage up to and including 2.0.5. The receiveMessage() function in xdLocalStoragePostMessageApi.js does not implement any validation of the origin of web messages. Remote attackers who can entice a user to load a malicious site can exploit this issue to...
Cross Domain Local Storage Project Cross Domain Local Storage
5.8
CVSSv2
CVE-2015-9545
An issue exists in xdLocalStorage up to and including 2.0.5. The receiveMessage() function in xdLocalStorage.js does not implement any validation of the origin of web messages. Remote attackers who can entice a user to load a malicious site can exploit this issue to impact the co...
Cross Domain Local Storage Project Cross Domain Local Storage
6.8
CVSSv2
CVE-2020-11610
An issue exists in xdLocalStorage up to and including 2.0.5. The postData() function in xdLocalStoragePostMessageApi.js specifies the wildcard (*) as the targetOrigin when calling the postMessage() function on the parent object. Therefore any domain can load the application hosti...
Cross Domain Local Storage Project Cross Domain Local Storage
5.8
CVSSv2
CVE-2020-11611
An issue exists in xdLocalStorage up to and including 2.0.5. The buildMessage() function in xdLocalStorage.js specifies the wildcard (*) as the targetOrigin when calling the postMessage() function on the iframe object. Therefore any domain that is currently loaded within the ifra...
Cross Domain Local Storage Project Cross Domain Local Storage
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started