Уязвимость CVE-2018-18499

Пакет	Статус	Версия исправления	Тип
firefox	fixed	62.0-1	package
firefox-esr	fixed	60.2.0esr-1	package
thunderbird	fixed	1:60.2.1-1	package

CVE-2018-18499

CVSS3: 6.5

ubuntu

почти 7 лет назад

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

CVE-2018-18499

CVSS3: 6.5

redhat

больше 7 лет назад

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

CVE-2018-18499

CVSS3: 6.5

nvd

почти 7 лет назад

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

GHSA-h7hh-7f6j-x9mh

CVSS3: 6.5

github

больше 3 лет назад

A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

exploitDog

CVE-2018-18499

Описание

Пакеты

Примечания

Связанные уязвимости