Advisory
- Advisory: Truncated dialogs may be used to trick users
- Advisory: Small windows can be used in several ways to trick users into executing downloads
- Advisory: Certain characters in HTML can incorrectly be ignored, which can facilitate XSS attacks
- Advisory: Element HTML content can be incorrectly returned without escaping, bypassing some HTML sanitizers
- Advisory: Plug-in content may monitor keystrokes on unrelated pages
- Advisory: Certain URL constructs can allow arbitrary code execution
- Advisory: Pages can prevent navigation to a target page, spoofing the address field
- Advisory: Hidden keyboard navigation can allow cross site scripting or code execution
- Advisory: A combination of clicks and key presses can lead to cross site scripting or code execution
- Advisory: Cross-domain JSON resources may be exposed as JavaScript variable data