CVE-2016-1955
4.3MEDIUM
Key Information
- Vendor
- Novell
- Status
- Suse Package Hub For Suse Linux Enterprise
- Leap
- Opensuse
- Vendor
- CVE Published:
- 13 March 2016
Summary
Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database