Количество 7
Количество 7
GHSA-4mw4-24vq-q626
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.
CVE-2014-1485
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.
CVE-2014-1485
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.
CVE-2014-1485
The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions.
CVE-2014-1485
The Content Security Policy (CSP) implementation in Mozilla Firefox be ...
BDU:2014-00246
Уязвимость в программном продукте Mozilla SeaMonkey, позволяющая злоумышленнику выполнить произвольный код
BDU:2014-00245
Уязвимость браузера Firefox, позволяющая злоумышленнику выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-4mw4-24vq-q626 The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions. | 1% Низкий | больше 3 лет назад | |
 | CVE-2014-1485 The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions. | CVSS2: 7.5 | 1% Низкий | больше 11 лет назад |
 | CVE-2014-1485 The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions. | CVSS2: 4.3 | 1% Низкий | больше 11 лет назад |
 | CVE-2014-1485 The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions. | CVSS2: 7.5 | 1% Низкий | больше 11 лет назад |
| CVE-2014-1485 The Content Security Policy (CSP) implementation in Mozilla Firefox be ... | CVSS2: 7.5 | 1% Низкий | больше 11 лет назад |
 | BDU:2014-00246 Уязвимость в программном продукте Mozilla SeaMonkey, позволяющая злоумышленнику выполнить произвольный код | CVSS2: 7.5 | 1% Низкий | больше 11 лет назад |
| BDU:2014-00245 Уязвимость браузера Firefox, позволяющая злоумышленнику выполнить произвольный код | CVSS2: 7.5 | 1% Низкий | больше 11 лет назад |
Уязвимостей на страницу