CVE-2016-1955

2016-03-13T18:59:00
ID CVE-2016-1955
Type cve
Reporter security@mozilla.org
Modified 2018-10-30T16:27:00

Description

Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.