3 matches found
SUSE CVE-2016-1955
Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy CSP violation report that contains path information associated with an IFRAME element...
GHSA-C6RP-XVQV-MWMF Cross-site Scripting in epubjs
managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS...
DEBIAN-CVE-2016-1955
Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy CSP violation report that contains path information associated with an IFRAME element...