Vulnerabilities > PS Project Management Team > Unity Firefox Extension

DATE CVE VULNERABILITY TITLE RISK
2012-12-26 CVE-2012-0958 Information Disclosure vulnerability in PS Project Management Team Unity-Firefox-Extension 2.4.1
content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted webpage. 		4.3
4.3
2012-11-24 CVE-2012-0960 Improper Input Validation vulnerability in PS Project Management Team Unity-Firefox-Extension
Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.
network
low complexity
ps-project-management-team CWE-20
7.5
7.5