CVE-2019-11737
CVSS v3.1
5.3 (Medium)
CVSS v2.0
5 (Medium)
EPSS
0.09 % (39th)
Affected Products
1
Advisories
4
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.
Weaknesses
- CWE-345
- Insufficient Verification of Data Authenticity
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2019-09-27 18:15:11
(5 years ago) - Updated Date
-
2019-10-02 13:40:03
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...