Vulnerabilities (CVE)

Filtered by vendor Ps Project Management Team Subscribe
Filtered by product Unity-firefox-extension
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-0958 1 Ps Project Management Team 1 Unity-firefox-extension 2024-02-04 4.3 MEDIUM N/A
content/unity-api.js in the unity-firefox-extension extension 2.4.1 for Firefox exposes the toDataURL function in an API call, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted webpage.
CVE-2012-0960 1 Ps Project Management Team 1 Unity-firefox-extension 2024-02-04 7.5 HIGH N/A
Unity integration extension (unity-firefox-extension) before 2.4.1 for Firefox does not properly handle callbacks, which allows remote attackers to cause a denial of service (Firefox crash) and possibly execute arbitrary code via a crafted request.