CVE-2020-6813
CVSS v3.1
5.3 (Medium)
CVSS v2.0
5 (Medium)
EPSS
0.08 % (37th)
Affected Products
1
Advisories
5
When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Content Security Policy. This vulnerability affects Firefox < 74.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2020-03-25 22:15:12
(4 years ago) - Updated Date
-
2020-03-30 18:24:27
(4 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...