Results for javascript

Threat Research

An Analysis of Microsoft Edge Chakra NewScObjectNoCtor Array Type Confusion (CVE-2018-0838)

CVE-2018-0838 is one of the ‘type confusion’ bugs in the Microsoft Edge Chakra Engine that was fixed by Microsoft three months ago. This bug causes memory corruption and can possibly be exploited to execute arbitrary code when a vulnerable system browses a malicious web page via Microsoft Edge.

By Dehui YinMay 18, 2018

Threat Research

Multiple Joomla! Core XSS Vulnerabilities Are Discovered

Joomla! is one of the world's most popular content management system (CMS) solutions. It enables users to build custom Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla!, and it accounts for more than 9 percent of CMS market share. As of November 2016, Joomla! had been downloaded over 78 million times. Over 7,800 free and commercial extensions are also currently available from the official Joomla! Extension Directory, and more are available from other sources. This year, as a FortiGuard researcher...

By Zhouyuan YangMay 04, 2017