Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Yahoo Subscribe
Filtered by product Ui Library
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-2385 1 Yahoo 1 Ui Library 2008-11-12 5.0 MEDIUM N/A
The Yahoo! UI framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka "JavaScript Hijacking."