CVE-2017-7842

2018-06-11T21:29:00
ID CVE-2017-7842
Type cve
Reporter security@mozilla.org
Modified 2018-06-25T18:47:00

Description

If a document's Referrer Policy attribute is set to "no-referrer" sometimes two network requests are made for "<link>" elements instead of one. One of these requests includes the referrer instead of respecting the set policy to not include a referrer on requests. This vulnerability affects Firefox < 57.