Vulnerabilities > Origin Validation Error

DATE CVE VULNERABILITY TITLE RISK
2023-06-02 CVE-2023-23601 Origin Validation Error vulnerability in Mozilla Firefox
Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks.
network
low complexity
mozilla CWE-346
6.5
6.5
2023-05-31 CVE-2023-28349 Origin Validation Error vulnerability in Faronics Insight 10.0.19045
An issue was discovered in Faronics Insight 10.0.19045 on Windows.
low complexity
faronics CWE-346
8.8
8.8
2023-04-28 CVE-2023-30856 Origin Validation Error vulnerability in Edex-Ui Project Edex-Ui
eDEX-UI is a science fiction terminal emulator.
network
low complexity
edex-ui-project CWE-346
critical
 10.0
10
2023-03-23 CVE-2023-26114 Origin Validation Error vulnerability in Coder Code-Server
Versions of the package code-server before 4.10.1 are vulnerable to Missing Origin Validation in WebSockets handshakes.
network
low complexity
coder CWE-346
critical
 9.3
9.3
2023-03-03 CVE-2023-0957 Origin Validation Error vulnerability in Gitpod
An issue was discovered in Gitpod versions prior to release-2022.11.2.16.
network
low complexity
gitpod CWE-346
critical
 9.6
9.6
2023-01-18 CVE-2021-33959 Origin Validation Error vulnerability in Plex Media Server
Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.
network
low complexity
plex CWE-346
7.5
7.5
2023-01-10 CVE-2023-22899 Origin Validation Error vulnerability in Zip4J Project Zip4J
Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.
network
high complexity
zip4j-project CWE-346
5.9
5.9
2023-01-09 CVE-2014-125071 Origin Validation Error vulnerability in Gribbit Project Gribbit
A vulnerability was found in lukehutch Gribbit.
network
low complexity
gribbit-project CWE-346
critical
 9.8
9.8
2022-12-27 CVE-2017-20146 Origin Validation Error vulnerability in Gorillatoolkit Handlers 1.1/1.2/1.2.1
Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.
network
low complexity
gorillatoolkit CWE-346
critical
 9.8
9.8
2022-12-22 CVE-2022-22757 Origin Validation Error vulnerability in Mozilla Firefox
Remote Agent, used in WebDriver, did not validate the Host or Origin headers.
network
low complexity
mozilla CWE-346
6.5
6.5