CVE-2015-7197

2015-11-05T05:59:00
ID CVE-2015-7197
Type cve
Reporter cve@mitre.org
Modified 2016-12-07T18:23:00

Description

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly control the ability of a web worker to create a WebSocket object, which allows remote attackers to bypass intended mixed-content restrictions via crafted JavaScript code.