Описание
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| lucid | ignored | end of life |
| precise | released | 26.0+build2-0ubuntu0.12.04.2 |
| quantal | released | 26.0+build2-0ubuntu0.12.10.2 |
| raring | released | 26.0+build2-0ubuntu0.13.04.2 |
| saucy | released | 26.0+build2-0ubuntu0.13.10.2 |
| upstream | released | 26.0 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26. ...
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.
EPSS
4.3 Medium
CVSS2