Mozilla Firefox prior to 45.0 allows remote malicious users to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 13.1 |
||
opensuse leap 42.1 |
||
opensuse opensuse 13.2 |
||
novell suse package hub for suse linux enterprise 12 |
||
mozilla firefox |