Vulnerabilities > Externally Controlled Reference to a Resource in Another Sphere
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-18 | CVE-2018-12381 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Mozilla Firefox Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. | 5.3 |
| 2017-11-15 | CVE-2017-15269 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Psftp Psftpd 10.0.4 The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. | 4.3 |
| 2017-04-12 | CVE-2017-0211 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege Vulnerability." | 5.5 |