Количество 24
Количество 24
GHSA-3cqf-mfjf-xv44
When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2019-11711
When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2019-11711
When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2019-11711
When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2019-11711
When an inner window is reused, it does not consider the use of docume ...
BDU:2019-02935
Уязвимость компонента document.domain браузеров Firefox ESR, Firefox и почтового клиента Thunderbird, позволяющая нарушителю осуществить межсайтовую сценарную атаку
ELSA-2019-1799
ELSA-2019-1799: thunderbird security and bug fix update (IMPORTANT)
ELSA-2019-1777
ELSA-2019-1777: thunderbird security update (IMPORTANT)
ELSA-2019-1775
ELSA-2019-1775: thunderbird security update (IMPORTANT)
ELSA-2019-1765
ELSA-2019-1765: firefox security update (CRITICAL)
ELSA-2019-1764
ELSA-2019-1764: firefox security update (CRITICAL)
ELSA-2019-1763
ELSA-2019-1763: firefox security update (CRITICAL)
openSUSE-SU-2019:1813-1
Security update for MozillaThunderbird
openSUSE-SU-2019:1811-1
Security update for MozillaFirefox
openSUSE-SU-2019:1782-1
Security update for MozillaFirefox
SUSE-SU-2019:1960-1
Security update for MozillaThunderbird
SUSE-SU-2019:1869-1
Security update for MozillaFirefox
SUSE-SU-2019:1861-1
Security update for MozillaFirefox
SUSE-SU-2019:14124-1
Security update for MozillaFirefox
openSUSE-SU-2019:2249-1
Security update for MozillaThunderbird
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-3cqf-mfjf-xv44 When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. | CVSS3: 8.8 | 1% Низкий | больше 3 лет назад |
 | CVE-2019-11711 When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
 | CVE-2019-11711 When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
 | CVE-2019-11711 When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
| CVE-2019-11711 When an inner window is reused, it does not consider the use of docume ... | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
 | BDU:2019-02935 Уязвимость компонента document.domain браузеров Firefox ESR, Firefox и почтового клиента Thunderbird, позволяющая нарушителю осуществить межсайтовую сценарную атаку | CVSS3: 8.8 | 1% Низкий | больше 6 лет назад |
| ELSA-2019-1799 ELSA-2019-1799: thunderbird security and bug fix update (IMPORTANT) | больше 6 лет назад | ||
| ELSA-2019-1777 ELSA-2019-1777: thunderbird security update (IMPORTANT) | больше 6 лет назад | ||
| ELSA-2019-1775 ELSA-2019-1775: thunderbird security update (IMPORTANT) | больше 6 лет назад | ||
| ELSA-2019-1765 ELSA-2019-1765: firefox security update (CRITICAL) | больше 6 лет назад | ||
| ELSA-2019-1764 ELSA-2019-1764: firefox security update (CRITICAL) | больше 6 лет назад | ||
| ELSA-2019-1763 ELSA-2019-1763: firefox security update (CRITICAL) | больше 6 лет назад | ||
 | openSUSE-SU-2019:1813-1 Security update for MozillaThunderbird | больше 6 лет назад | ||
| openSUSE-SU-2019:1811-1 Security update for MozillaFirefox | больше 6 лет назад | ||
| openSUSE-SU-2019:1782-1 Security update for MozillaFirefox | больше 6 лет назад | ||
| SUSE-SU-2019:1960-1 Security update for MozillaThunderbird | больше 6 лет назад | ||
| SUSE-SU-2019:1869-1 Security update for MozillaFirefox | больше 6 лет назад | ||
| SUSE-SU-2019:1861-1 Security update for MozillaFirefox | больше 6 лет назад | ||
| SUSE-SU-2019:14124-1 Security update for MozillaFirefox | больше 6 лет назад | ||
| openSUSE-SU-2019:2249-1 Security update for MozillaThunderbird | больше 6 лет назад |
Уязвимостей на страницу