5 matches found
Mozilla: HSTS policy on subdomain could bypass policy of upper domain
The Mozilla Foundation Security Advisory describes this flaw as: In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...