If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Mozilla

Firefox

Affected Versions:

unspecified

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1388015

https://www.mozilla.org/security/advisories/mfsa2019-25/

Published: 2019-09-27T17:20:17

Last Modified: 2024-08-04T23:03:32.672Z

Copied to clipboard!