Fedora 44 : yelp (2026-ed4f450fa9)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ed4f450fa9 advisory. Yelp 49.1, fixing: Flatpak applications are able to exfiltrate host files due to yelp's CSP being too permissive Tenable has extracted the preceding...

Semmle: CSP : Inline scripts can be inserted

Vulnerable URL:- https://lgtm-com.pentesting.semmle.net/ Summery Content Security Policy CSP is a client-side security model which allows developers to specify where different types of resources should be loaded, executed and embedded from. With CSP you can instruct the browser only to load...