Описание
Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 34.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [34.0+build2-0ubuntu0.14.04.1]] |
| lucid | ignored | end of life |
| precise | released | 34.0+build2-0ubuntu0.12.04.1 |
| trusty | released | 34.0+build2-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [34.0+build2-0ubuntu0.14.04.1] |
| upstream | released | 34.0 |
| utopic | released | 34.0+build2-0ubuntu0.14.10.1 |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.
Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.
Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in ...
Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after a redirect.
4.3 Medium
CVSS2