CVE-2023-25728
CVSS v3.1
6.5 (Medium)
EPSS
0.11 % (46th)
Affected Products
3
Advisories
37
The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-06-02 17:15:11
(15 months ago) - Updated Date
-
2023-06-08 14:01:25
(15 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...