Lucene search

K
prionPRIOn knowledge basePRION:CVE-2024-0747
HistoryJan 23, 2024 - 2:15 p.m.

Design/Logic Flaw

2024-01-2314:15:00
PRIOn knowledge base
www.prio-n.com
13
design flaw
logic flaw
content security policy
iframe
firefox
thunderbird
vulnerability

6.1 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

23.1%

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.