2 matches found
Mozilla: Bypass of Content Security Policy when directive unsafe-inline was set
The Mozilla Foundation Security Advisory describes this flaw as: When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy...
UBUNTU-CVE-2024-0747
When a parent page loaded a child in an iframe with unsafe-inline, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7...