Skip to main content

Snowhaze

1 CVEs product

Monthly

CVE-2019-18949 HIGH This Week

SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Snowhaze
NVD
CVSS 3.1
7.5
EPSS
1.4%
EPSS 1% CVSS 7.5
HIGH This Week

SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaScript blocking setting, which leads to unintended JavaScript execution via a chain of webpage redirections targeted to the user's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Snowhaze
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy