CVE-2021-23968 – If Content Security Policy blocked frame navigation, the full destination of a redirect se …

26 February 2021

Vuln ID: CVE-2021-23968

Published: 2021-02-26 02:15:12Z

Description: If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation report; as opposed to the original frame URI. This could be used to leak sensitive information contained in such URIs. This vulnerability affects Firefox < 86, Thunderbird < 78.8, and Firefox ESR < 78.8.

Source: NVD.NIST.GOV

Date:

26 February 2021

Categorie(s):

NVD

Tag(s):

NVD

Applying DevSecOps principles to machine learning workloads25 April 2024
Overcoming GenAI challenges in healthcare cybersecurity25 April 2024
25 cybersecurity AI stats you should know25 April 2024
73% of SME security pros missed or ignored critical alerts25 April 2024
Battening down the hatches: Navigating third-party cyber threats 25 April 2024