The WebKit #1110 patch created a universal cross site scripting vulnerability.
>> ARCHIVE: 2017-05
The WebKit #1110 patch created a universal cross site scripting vulnerability.
WebKit suffers from a universal cross site scripting vulnerability via ContainerNode::parserRemoveChild (2).
WebKit JSC fails to increase the reference count in BindingNode::bindValue.
Skia Graphic Library suffers from a heap overflow vulnerability.
gfxTextRun in Mozilla Firefox suffers from a heap overflow vulnerability.
WebKit suffers from a use-after-free vulnerability in WebCore::FrameView::scheduleRelayout.
WebKit suffers from a cross site scripting vulnerability in HTMLObjectElement::updateWidget.
WebKit suffers from a variable theft issue in FrameLoader::clear via page navigation.
Mozilla Firefox suffers from a memory disclosure vulnerability in ConvolvPixel. o.
WebKit enqueuePageshowEvent and enqueuePopstateEvent suffer from a universal cross site scripting vulnerability.