- Home
- CVEs with oval.description==The+Content+Security+Policy+%28CSP%29+functionality+in+Mozilla+Firefox+4.x+through+13.0%2C+Firefox+ESR+10.x+before+10.0.6%2C+Thunderbird+5.0+through+13.0%2C+Thunderbird+ESR+10.x+before+10.0.6%2C+and+SeaMonkey+before+2.11+does+not+properly+restrict+the+strings+placed+into+the+blocked-uri+parameter+of+a+violation+report%2C+which+allows+remote+web+servers+to+capture+OpenID+credentials+and+OAuth+2.0+access+tokens+by+triggering+a+violation
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top