Описание
If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox < 70.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 70.0-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-17002
EPSS
Связанные уязвимости
If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox < 70.
If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox < 70.
If upgrade-insecure-requests was specified in the Content Security Policy, and a link was dragged and dropped from that page, the link was not upgraded to https. This vulnerability affects Firefox < 70.
Уязвимость политики безопасности веб-браузера Firefox, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю оказать воздействие на целостность данных
EPSS