Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox/Firefox ESR/Thunderbird/Thunderbird ESR/SeaMonkey安全漏洞
Vulnerability Description
Mozilla Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。 Mozilla Firefox 4.x至12.0版本,Firefox ESR 10.0.5之前的10.x版本,Thunderbird 5.0至12.0版本,Thunderbird ESR 10.0.5之前的10.x版本以及SeaMonkey 2.10之前版本中的Content Security Policy(CSP)实现上存在漏洞,该漏洞源于未阻止内嵌事件处理程序。远程攻击者可利用该漏洞易借助特制HTML
CVSS Information
N/A
Vulnerability Type
N/A