SUSE CVE-2016-9078

Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without t...

PT-2021-7411 · Mozilla +2 · Firefox +2

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 94 Description: The issue is related to a same-origin-violation in the context of Web Extensions, where a Web Extension could access the post-redirect URL of an element clicked, potentially leaking data it should not...