
5125 matches found

RedHat Linux
added 2024/01/30 2:20 p.m. | 5 views

Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set

The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...

CVSS 6.5 | AI score 7.3 | EPSS 0.006
Exploits: 0 | References: 6

RedHat Linux
added 2024/01/30 2:14 p.m. | 3 views

Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set

The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...

CVSS 6.5 | AI score 7.3 | EPSS 0.006
Exploits: 0 | References: 6

RedHat Linux
added 2024/01/30 2:13 p.m. | 1 view

Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set

The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...

CVSS 6.5 | AI score 7.3 | EPSS 0.006
Exploits: 0 | References: 6

RedHat Linux
added 2024/01/30 12:33 p.m. | 6 views

Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set

The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...

CVSS 6.5 | AI score 7.3 | EPSS 0.006
Exploits: 0 | References: 6

RedHat Linux
added 2024/01/30 11:4 a.m. | 4 views

Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set

The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...

CVSS 6.5 | AI score 7.3 | EPSS 0.006
Exploits: 0 | References: 6

RedhatCVE
added 2024/01/25 5:21 p.m. | 35 views

CVE-2024-0747

The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...

CVSS 6.1 | AI score 6.6 | EPSS 0.006
Exploits: 0 | References: 5

SUSE CVE
added 2024/01/25 2:48 a.m. | 3 views

SUSE CVE-2024-0747

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVSS 6.5 | AI score 6.4 | EPSS 0.006
Exploits: 0 | References: 8

NVD
added 2024/01/23 2:15 p.m. | 21 views

CVE-2024-0747

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVSS 6.5 | AI score 6.7 | EPSS 0.006
Exploits: 0 | References: 6

OSV
added 2024/01/23 2:15 p.m. | 2 views

DEBIAN-CVE-2024-0747

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVSS 6.5 | AI score 6.8 | EPSS 0.006
Exploits: 0 | References: 1

Prion
added 2024/01/23 2:15 p.m. | 34 views

Design/Logic Flaw

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVSS 4.3 | AI score 6.1 | EPSS 0.006
Exploits: 0 | References: 6 | Affected Software: 4

OSV
added 2024/01/23 2:15 p.m. | 2 views

UBUNTU-CVE-2024-0747

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVSS 6.5 | AI score 7.3 | EPSS 0.006
Exploits: 0 | References: 11

Vulnrichment
added 2024/01/23 1:48 p.m. | 9 views

CVE-2024-0747

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

AI score 6.3 | EPSS 0.006
Exploits: 0 | References: 6

CVE
added 2024/01/23 1:48 p.m. | 156 views

CVE-2024-0747

CVE-2024-0747 describes a CSP bypass: when a parent page loads a child in an iframe with unsafe-inline, the parent CSP could override the child CSP. Affected: Firefox before 122, Firefox ESR before 115.7, and Thunderbird before 115.7. Practical impact: potential bypass of content security policie...

CVSS 6.5 | AI score 6.8 | EPSS 0.006
Exploits: 0 | References: 6 | Affected Software: 3

Cvelist
added 2024/01/23 1:48 p.m. | 24 views

CVE-2024-0747

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

AI score 7 | EPSS 0.006
Exploits: 0 | References: 6

AlpineLinux
added 2024/01/23 1:48 p.m. | 30 views

CVE-2024-0747

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVSS 6.5 | AI score 7.2 | EPSS 0.006
Exploits: 0

Debian CVE
added 2024/01/23 1:48 p.m. | 27 views

CVE-2024-0747

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVSS 6.5 | AI score 7.7 | EPSS 0.006
Exploits: 0

Veracode
added 2024/01/23 7:4 a.m. | 21 views

Cross-Frame Scripting (XFS)

plone is vulnerable to Cross-Frame Scripting (XFS). The vulnerability is due to a lack of sanitization for URLs and iframe elements. This allows an attacker to embed malicious scripts within these iframe elements, which are executed when accessed by an administrator...

CVSS 7.1 | AI score 6.5 | EPSS 0.00294
Exploits: 0 | References: 2 | Affected Software: 1

UbuntuCve
added 2024/01/23 12:0 a.m. | 30 views

CVE-2024-0747

When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...

CVSS 6.5 | AI score 6.7 | EPSS 0.006
Exploits: 0 | References: 10

VulnCheck KEV
added 2024/01/22 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2021-45092

Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could allow IFRAME injection via the vpath parameter...

CVSS 9.8 | AI score 7.3 | EPSS 0.39973
Exploits: 3 | References: 1

Amazon
added 2024/01/22 12:0 a.m. | 4 views

Important: webkitgtk4

Issue Overview: Impact: Visiting a website that frames malicious content may lead to UI spoofing. Description: The issue was addressed with improved UI handling. CVE-2022-32919 A website may be able to track the websites a user visited in Safari private browsing mode. CVE-2022-32933 A spoofing...

CVSS 8.8 | AI score 8.7 | EPSS 0.29179
Exploits: 4