exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2017-7834

больше 7 лет назад

A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57.

CVSS3: 6.1

EPSS: Низкий

CVE-2017-7834

больше 7 лет назад

A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57.

CVSS3: 6.1

EPSS: Низкий

CVE-2017-7834

больше 7 лет назад

A "data:" URL loaded in a new tab did not inherit the Content Security ...

CVSS3: 6.1

EPSS: Низкий

GHSA-5q3m-44wf-w4hc

больше 3 лет назад

A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57.

CVSS3: 6.1

EPSS: Низкий

BDU:2021-00215

почти 9 лет назад

Уязвимость реализации механизма CSP (Content Security Policy браузера Mozilla Firefox, позволяющая нарушителю проводить межсайтовые сценарные атаки

CVSS3: 6.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2017-7834 A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57.	CVSS3: 6.1	1% Низкий	больше 7 лет назад
CVE-2017-7834 A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57.	CVSS3: 6.1	1% Низкий	больше 7 лет назад
CVE-2017-7834 A "data:" URL loaded in a new tab did not inherit the Content Security ...	CVSS3: 6.1	1% Низкий	больше 7 лет назад
GHSA-5q3m-44wf-w4hc A "data:" URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when "data:" documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57.	CVSS3: 6.1	1% Низкий	больше 3 лет назад
BDU:2021-00215 Уязвимость реализации механизма CSP (Content Security Policy браузера Mozilla Firefox, позволяющая нарушителю проводить межсайтовые сценарные атаки	CVSS3: 6.1	1% Низкий	почти 9 лет назад

Уязвимостей на страницу