Количество 5
Количество 5
CVE-2017-7815
On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox < 56.
CVE-2017-7815
On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox < 56.
CVE-2017-7815
On pages containing an iframe, the "data:" protocol can be used to cre ...
GHSA-r5q3-cfrm-hqph
On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox < 56.
BDU:2021-00181
Уязвимость протокола «data:» браузера Mozilla Firefox, позволяющая нарушителю проводить спуфинг-атаки
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-7815 On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox < 56. | CVSS3: 5.3 | 1% Низкий | больше 7 лет назад |
 | CVE-2017-7815 On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox < 56. | CVSS3: 5.3 | 1% Низкий | больше 7 лет назад |
| CVE-2017-7815 On pages containing an iframe, the "data:" protocol can be used to cre ... | CVSS3: 5.3 | 1% Низкий | больше 7 лет назад |
| GHSA-r5q3-cfrm-hqph On pages containing an iframe, the "data:" protocol can be used to create a modal dialog through Javascript that will have an arbitrary domains as the dialog's location, spoofing of the origin of the modal dialog from the user view. Note: This attack only affects installations with e10 multiprocess turned off. Installations with e10s turned on do not support the modal dialog functionality. This vulnerability affects Firefox < 56. | CVSS3: 5.3 | 1% Низкий | больше 3 лет назад |
 | BDU:2021-00181 Уязвимость протокола «data:» браузера Mozilla Firefox, позволяющая нарушителю проводить спуфинг-атаки | CVSS3: 5.3 | 1% Низкий | больше 8 лет назад |
Уязвимостей на страницу