Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla套件和Firefox浏览器 HTTP请求注入漏洞
Vulnerability Description
Mozilla套件和Firefox是非常流行的开放源码WEB浏览器。 Mozilla和Firefox浏览器中存在任意HTTP请求注入漏洞,成功利用这个漏洞的攻击者可以绕过XMLHttpRequest的同源限制,如读取防火墙中内网服务器上的文件。攻击者可以向XMLHttpRequest添加非法的畸形首部,从用户机器攻击服务器或代理漏洞,或诱骗服务器或代理相信单个请求是一些独立请求流。
CVSS Information
N/A
Vulnerability Type
N/A