Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-346

CWE-346

Origin Validation Error

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The product does not properly verify that the source of data or communication is valid.

557 vulnerabilities with CWE-346

CVE-2017-5858 MEDIUM

converse.js 0.8.0-1.0.6 2.0.0-2.0.4 - User Impersonation via XEP-0280 Message Carbons

CVE-2017-5606 MEDIUM

Xabber < 1.0.30 - Unauthenticated User Impersonation via XEP-0280 Message Carbons

CVE-2017-5605 MEDIUM

Movim 0.8-0.10 - Unauthenticated User Impersonation via XEP-0280 Message Carbons

CVE-2017-5604 MEDIUM

mcabber 1.0.0-1.0.4 - Unauthenticated User Impersonation via XEP-0280 Message Carbons

CVE-2017-5603 MEDIUM

Jitsi 2.5.5061-2.9.5544 - Remote User Impersonation via XEP-0280 Message Carbons

CVE-2017-5602 MEDIUM

jappix 1.0.0-1.1.6 - Remote User Impersonation via XEP-0280 Message Carbons

CVE-2017-5593 MEDIUM

Psi+ 0.16.563.580-0.16.571.627 - User Impersonation via XEP-0280 Message Carbons

CVE-2017-5592 MEDIUM

profanity 0.4.7-0.5.0 - Remote User Impersonation via XEP-0280 Message Carbons

CVE-2017-5591 MEDIUM

SleekXMPP < 1.3.1 and Slixmpp < 1.2.3 - Remote User Impersonation via XEP-0280 Message Carbons

CVE-2017-5590 MEDIUM

ChatSecure 3.2.0-4.0.0 and Zom < 1.0.11 - User Impersonation via XEP-0280 Message Carbons

CVE-2017-5589 MEDIUM

yaxim bruno 0.8.6-0.8.8 - Remote User Impersonation via XEP-0280 Message Carbons

CVE-2016-9902 HIGH

Redhat Enterprise Linux Desktop < 45.6.0 - Origin Validation Error

CVE-2016-5168 HIGH

Google Chrome < 50.0.2661.91 - Same Origin Policy Bypass via Skia

CVE-2016-8358 HIGH

Smiths-Medical CADD-Solis Medication Safety Software - Info Disclosure

CVE-2015-4495 HIGH KEV

Firefox < 39.0.3 - Same Origin Policy Bypass via PDF Reader Native Setter

CVE-2014-125071 MEDIUM

gribbit < 2014-12-31 - Missing Origin Validation in WebSockets via HttpRequestHandler

Opensuse < 28.0 - Origin Validation Error

CVE-2014-1487 HIGH

Firefox < 27.0 - Origin Validation Error via Web Workers Error Messages

Mozilla Firefox < 16.0.1 - Same Origin Policy Bypass via Security Wrapper Unwrapping

Google Chrome < 18.0.1025.151 - Same Origin Policy Bypass via Pop-Up Windows

Google Chrome < 18.0.1025.151 - Same Origin Policy Bypass via IFRAME Replacement

Google Chrome < 17.0.963.83 - Same Origin Policy Bypass via Magic Iframe

Google Chrome < 17.0.963.46 - Same Origin Policy Bypass via Sandboxed Origin Handling

Google Chrome < 14.0.835.163 - Same Origin Policy Bypass

CVE-2009-4139 MEDIUM

Spacewalk Java site packages <5.4.1 - CSRF

Previous Page 22 of 23 Next

Details

Vulnerabilities 557

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy