Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-09 | CVE-2017-5602 | Origin Validation Error vulnerability in Jappix Project Jappix An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. | 5.9 |
| 2017-02-09 | CVE-2017-5593 | Origin Validation Error vulnerability in Psi-Plus Psi+ 0.16.563.580/0.16.571.627 An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. | 5.9 |
| 2017-02-09 | CVE-2017-5592 | Origin Validation Error vulnerability in Profanity Project Profanity 0.4.7/0.5.0 An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. | 5.9 |
| 2017-02-09 | CVE-2017-5591 | Origin Validation Error vulnerability in multiple products An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. | 5.9 |
| 2017-02-09 | CVE-2017-5590 | Origin Validation Error vulnerability in multiple products An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. | 5.9 |
| 2017-02-09 | CVE-2017-5589 | Origin Validation Error vulnerability in Yaxim Bruno and Yaxim An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. | 5.9 |
| 2014-02-06 | CVE-2014-1487 | Origin Validation Error vulnerability in multiple products The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. | 7.5 |
| 2005-05-02 | CVE-2005-0877 | Origin Validation Error vulnerability in Thekelleys Dnsmasq Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were not made by Dnsmasq. | 7.5 |
| 2004-01-05 | CVE-2003-0981 | Origin Validation Error vulnerability in Freescripts Visitorbook LE FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks. | 6.1 |
| 2003-05-12 | CVE-2003-0174 | Origin Validation Error vulnerability in SGI Irix The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password. | 9.8 |