Количество 7
Количество 7
GHSA-23c8-qcpq-5v6v
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.
CVE-2015-4518
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.
CVE-2015-4518
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.
CVE-2015-4518
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL.
CVE-2015-4518
The Reader View implementation in Mozilla Firefox before 42.0 has an i ...
BDU:2015-12007
Уязвимость браузера Firefox, позволяющая нарушителю обойти существующие ограничения доступа и провести межсайтовое выполнение сценариев
openSUSE-SU-2015:1942-1
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss, xulrunner, seamonkey
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-23c8-qcpq-5v6v The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL. | 1% Низкий | больше 3 лет назад | |
 | CVE-2015-4518 The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL. | CVSS2: 4.3 | 1% Низкий | около 10 лет назад |
 | CVE-2015-4518 The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL. | CVSS2: 4.3 | 1% Низкий | около 10 лет назад |
 | CVE-2015-4518 The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism and conduct cross-site scripting (XSS) attacks via vectors involving SVG animations and the about:reader URL. | CVSS2: 4.3 | 1% Низкий | около 10 лет назад |
| CVE-2015-4518 The Reader View implementation in Mozilla Firefox before 42.0 has an i ... | CVSS2: 4.3 | 1% Низкий | около 10 лет назад |
 | BDU:2015-12007 Уязвимость браузера Firefox, позволяющая нарушителю обойти существующие ограничения доступа и провести межсайтовое выполнение сценариев | CVSS2: 4.3 | 1% Низкий | около 10 лет назад |
 | openSUSE-SU-2015:1942-1 Security update for MozillaFirefox, mozilla-nspr, mozilla-nss, xulrunner, seamonkey | почти 10 лет назад |
Уязвимостей на страницу