Количество 7
Количество 7
GHSA-38xr-6jm2-v69w
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8638
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8638
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8638
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site.
CVE-2014-8638
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0 ...
ELSA-2015-0047
ELSA-2015-0047: thunderbird security update (IMPORTANT)
ELSA-2015-0046
ELSA-2015-0046: firefox security and bug fix update (CRITICAL)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-38xr-6jm2-v69w The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site. | 0% Низкий | больше 3 лет назад | |
 | CVE-2014-8638 The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site. | CVSS2: 6.8 | 0% Низкий | больше 10 лет назад |
 | CVE-2014-8638 The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site. | CVSS2: 4.3 | 0% Низкий | больше 10 лет назад |
 | CVE-2014-8638 The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site. | CVSS2: 6.8 | 0% Низкий | больше 10 лет назад |
| CVE-2014-8638 The navigator.sendBeacon implementation in Mozilla Firefox before 35.0 ... | CVSS2: 6.8 | 0% Низкий | больше 10 лет назад |
| ELSA-2015-0047 ELSA-2015-0047: thunderbird security update (IMPORTANT) | больше 10 лет назад | ||
| ELSA-2015-0046 ELSA-2015-0046: firefox security and bug fix update (CRITICAL) | больше 10 лет назад |
Уязвимостей на страницу