CVE-2017-7808
CVSS v3.0
5.3 (Medium)
CVSS v2.0
5 (Medium)
EPSS
0.19 % (56th)
Affected Products
1
Advisories
4
A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox < 55.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2018-06-11 21:29:10
(6 years ago) - Updated Date
-
2018-08-09 13:42:23
(6 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...