Lucene search
MozillaCVELIST:CVE-2017-7834HistoryJun 11, 2018 - 9:00 p.m.
CVE-2017-7834
2018-06-1121:00:00
mozilla
www.cve.org
3
A “data:” URL loaded in a new tab did not inherit the Content Security Policy (CSP) of the original page, allowing for bypasses of the policy including the execution of JavaScript. In prior versions when “data:” documents also inherited the context of the original page this would allow for potential cross-site scripting (XSS) attacks. This vulnerability affects Firefox < 57.
CNA Affected
[
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "57",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2017-7834
2017-11-15 00:00:00
debiancve
debiancve
CVE-2017-7834
2018-06-11 21:29:11
cve
cve
CVE-2017-7834
2018-06-11 21:29:11
prion
prion
Cross site scripting
2018-06-11 21:29:00
nvd
nvd
CVE-2017-7834
2018-06-11 21:29:11
ubuntu
ubuntu
Firefox vulnerabilities
2017-11-16 00:00:00
Firefox regression
2017-11-27 00:00:00
Firefox regression
2018-01-03 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3477-4)
2018-01-05 00:00:00
Ubuntu: Security Advisory (USN-3477-2)
2017-11-28 00:00:00
Ubuntu: Security Advisory (USN-3477-1)
2017-11-18 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Firefox regression (USN-3477-2)
2017-11-28 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Firefox vulnerabilities (USN-3477-1)
2017-11-17 00:00:00
Mozilla Firefox ESR < 52.5 Multiple Vulnerabilities
2017-11-16 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2017-11-14 00:00:00
archlinux
archlinux
[ASA-201711-23] firefox: multiple issues
2017-11-15 00:00:00
kaspersky
kaspersky
KLA11135 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2017-11-14 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 57 — Mozilla
2017-11-14 00:00:00