Vulnerabilities

CVE-2015-4478

by Fred · 15/08/2015

Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin Policy via the reviver parameter to the JSON.parse method.

Date published : 2015-08-15

http://www.mozilla.org/security/announce/2015/mfsa2015-82.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Similar

Tags: Cybersecurity Alert