1. Home
  2. Vulnerabilities
  3. CVE-2017-7835

CVE-2017-7835

CVSS v3.0 7.3 (High)
73% Progress
CVSS v2.0 7.5 (High)
75% Progress
EPSS 0.36 % (73th)
0.36% Progress
Affected Products 1
Advisories 5
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Mixed content blocking of insecure (HTTP) sub-resources in a secure (HTTPS) document was not correctly applied for resources that redirect from HTTPS to HTTP, allowing content that should be blocked, such as scripts, to be loaded on a page. This vulnerability affects Firefox < 57.

Weaknesses
CWE-NVD-noinfo
CVE Status
PUBLISHED
CNA
Mozilla Corporation
Published Date
2018-06-11 21:29:11
(6 years ago)
Updated Date
2019-10-03 00:03:26
(5 years ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox 56.0.2 and prior versions cpe:2.3:a:mozilla:firefox <= 56.0.2