Archive Search About

中文 English

article Security Advisories EN

Airmail URLScheme Render and file:// XSS

            2016-09-01
            · 92 views
        

A vulnerability in Airmail's URL scheme handling allows XSS attacks through specially crafted file:// URLs in email content.

Product: Airmail (macOS/iOS)
Type: XSS via URL Scheme
Reference: Full Disclosure

Related Posts

article Sourcetree Arbitrary Command Execution (CVE-2017-8768) article WebKit URL Bar Spoofing (CVE-2017-2486) article WebKit Same-Origin Policy Bypass (CVE-2017-2488) article State-Sponsored "Living Off The Land" Attack Wipes 200,000 Devices via Microsoft Intune article GhostScript Sandbox Bypass Leading to ImageMagick RCE (CVE-2016-7976)