0.001 Low
EPSS
Percentile
43.8%
firefox is vulnerable to content-security policy bypass. Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allows the execution of scripts that should have been blocked.
data: URLs
bugzilla.mozilla.org/show_bug.cgi?id=1457100
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.12/community.yaml
secdb.alpinelinux.org/v3.13/community.yaml
www.mozilla.org/security/advisories/mfsa2020-16/