NuytsTech Security

CVE-2015-7188

by ·

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to bypass the Same Origin Policy for an IP address origin, and conduct cross-site scripting (XSS) attacks, by appending whitespace characters to an IP address string.

Date published : 2015-11-04

http://www.securityfocus.com/bid/77411

http://www.mozilla.org/security/announce/2015/mfsa2015-122.html

Tags: