Content Security Policy (CSP) protection bypass vulnerability for a "script-src" policy of "'strict-dynamic'" via HTML injection in Mozilla Firefox
Description
An attacker can bypass Content Security Policy (CSP) protections on sites that use a "script-src" policy with the value "'strict-dynamic'". If the target site contains an HTML injection vulnerability, the attacker can inject a reference to a copy of the "require.js" library that is part of Firefox's Developer Tools. The attacker can then use a known technique with this library to bypass the CSP restrictions on executing injected scripts.
Affected software versions
- Mozilla Firefox versions before 60
Vulnerability type
Content Security Policy (CSP) protection bypass
References
- Third Party Advisory, VDB Entry
- Third Party Advisory, VDB Entry
- Issue Tracking, Permissions Required, Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Vulnerable configurations
One of
EPSS
CVSS3: 6.1 Medium
CVSS2: 4.3 Medium
Weaknesses
Related vulnerabilities
A mechanism to bypass Content Security Policy (CSP) protections on sites that have a "script-src" policy of "'strict-dynamic'". If a target website contains an HTML injection flaw an attacker could inject a reference to a copy of the "require.js" library that is part of Firefox's Developer Tools, and then use a known technique using that library to bypass the CSP restrictions on executing injected scripts. This vulnerability affects Firefox < 60.
A vulnerability in the Content Security Policy (CSP) component of the Firefox browser that allows an attacker to carry out cross-site scripting attacks