mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
981 B
981 B
CVE-2016-9078
Description
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the "data:" URL in some circumstances. This can result in same-origin violations against a domain if it loads resources from malicious sites. Cross-origin setting of cookies has been demonstrated without the ability to read them. Note: This issue only affects Firefox 49 and 50. This vulnerability affects Firefox < 50.0.1.
POC
Reference
Github
No PoCs found on GitHub currently.