Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-01 | CVE-2023-4045 | Origin Validation Error vulnerability in multiple products Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. | 5.3 |
| 2023-07-26 | CVE-2023-30949 | Origin Validation Error vulnerability in Palantir Slate A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks. | 5.3 |
| 2023-07-25 | CVE-2023-2850 | Origin Validation Error vulnerability in Nodebb NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. | 4.7 |
| 2023-07-17 | CVE-2023-3581 | Origin Validation Error vulnerability in Mattermost Server Mattermost fails to properly validate the origin of a websocket connection allowing a MITM attacker on Mattermost to access the websocket APIs. | 8.1 |
| 2023-07-13 | CVE-2023-21260 | Origin Validation Error vulnerability in Google Android In notification access permission dialog box, malicious application can embedded a very long service label that overflow the original user prompt and possibly contains mis-leading information to be appeared as a system message for user confirmation. | 5.5 |
| 2023-06-13 | CVE-2023-2639 | Origin Validation Error vulnerability in Rockwellautomation products The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that transfers the FactoryTalk Policy Manager rules to relevant devices on the network does not verify that the origin of the communication is from a legitimate local client device. This may allow a threat actor to craft a malicious website that, when visited, will send a malicious script that can connect to the local WebSocket endpoint and wait for events as if it was a valid client device. | 4.7 |
| 2023-06-02 | CVE-2023-23601 | Origin Validation Error vulnerability in Mozilla Firefox Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks. | 6.5 |
| 2023-05-31 | CVE-2023-28349 | Origin Validation Error vulnerability in Faronics Insight 10.0.19045 An issue was discovered in Faronics Insight 10.0.19045 on Windows. | 8.8 |
| 2023-04-28 | CVE-2023-30856 | Origin Validation Error vulnerability in Edex-Ui Project Edex-Ui eDEX-UI is a science fiction terminal emulator. | 10.0 |
| 2023-03-23 | CVE-2023-26114 | Origin Validation Error vulnerability in Coder Code-Server Versions of the package code-server before 4.10.1 are vulnerable to Missing Origin Validation in WebSockets handshakes. | 9.3 |