Description A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead. A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that when injecting an HTML base element; some requests would ignore the CSP's base-uri settings and accept the injected element's base instead.
Unless explicitly stated as not affected, all previous versions of packages in any minor update stream of a product listed here should be assumed vulnerable, although may not have been subject to full analysis.