Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in Mozilla Firefox 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 allows remote web servers to bypass intended Content Security Policy (CSP) restrictions and possibly conduct cross-site scripting (XSS) attacks via crafted HTTP headers.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox/Thunderbird/SeaMonkey CRLF注入漏洞
Vulnerability Description
Mozilla Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。 Mozilla Firefox 4.x至10.0版本,Firefox ESR 10.0.3之前的10.x版本,Thunderbird 5.0至10.0版本,Thunderbird ESR 10.0.3之前的10.x版本,和SeaMonkey 2.8之前版本中存在CRLF注入漏洞。远程web服务器可利用该漏洞借助特制HTTP头,绕过预期的内容安全策略(CSP)限制进而可能执行跨站脚本攻击(XSS)。
CVSS Information
N/A
Vulnerability Type
N/A