all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Evernote Web Clipper Same-Origin Policy Bypass

Add to bookmarks
Dec. 6, 2022, 4:09 p.m. |

Packet Storm packetstormsecurity.com

Evernote Web Clipper suffered from a same-origin policy bypass vulnerability. The link to the demo exploit was a 403 at the time of addition and has not been included in this post.

bypass clipper origin policy web

Visit resource

More from packetstormsecurity.com / Packet Storm

Debian Security Advisory 5665-1 1 day, 3 hours ago | packetstormsecurity.com
advisory debian debian linux security engine +7
Debian Security Advisory 5664-1 1 day, 3 hours ago | packetstormsecurity.com
advisory attackers can clients +20
Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference 1 day, 3 hours ago | packetstormsecurity.com
audio client client-side configuration +11
Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass 1 day, 3 hours ago | packetstormsecurity.com
access attackers audio authentication +15
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference 1 day, 3 hours ago | packetstormsecurity.com
client client-side configuration device +12
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass 1 day, 3 hours ago | packetstormsecurity.com
access attackers authentication authentication bypass +16
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference 1 day, 3 hours ago | packetstormsecurity.com
client client-side configuration device +10
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass 1 day, 3 hours ago | packetstormsecurity.com
access attackers authentication authentication bypass +14
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference 1 day, 4 hours ago | packetstormsecurity.com
1.0.0 broadcast client client-side +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States
View on infosec-jobs.com

Associate DevSecOps Engineer

@ LinQuest | Los Angeles, California, United States
View on infosec-jobs.com

DORA Compliance Program Manager

@ Resillion | Brussels, Belgium
View on infosec-jobs.com

Head of Workplace Risk and Compliance

@ Wise | London, United Kingdom
View on infosec-jobs.com
View more jobs