Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2015-7184

Source

Mozilla Foundation Security Advisory 2015-115

Cross-origin restriction bypass using Fetch

Announced

October 15, 2015

Reporter

Abdulrahman Alqabandi

Impact

High

Products

Firefox

Fixed in

Firefox 41.0.2

Description

Security researcher Abdulrahman Alqabandi reported that the fetch() API did not correctly implement the Cross-Origin Resource Sharing (CORS) specification, allowing a malicious page to access private data from other origins. Mozilla developer Ben Kelly independently reported the same issue.

References

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Cross-origin restriction bypass using Fetch

Cross-origin restriction bypass using Fetch

Description

References

Vulmon Search

About

Products

Connect