Описание
A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 59.0-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
EPSS
Связанные уязвимости
A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.
A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.
A shared worker created from a "data:" URL in one tab can be shared by another tab with a different origin, bypassing the same-origin policy. This vulnerability affects Firefox < 59.
Уязвимость браузера Mozilla Firefox, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS