CVE-2017-7808

2017-08-09T01:54:08
ID RH:CVE-2017-7808
Type redhatcve
Reporter redhat.com
Modified 2019-10-12T01:38:47

Description

A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox < 55.