Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Midori Browser 0.5.11 (on Windows 10), Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the multipart/x-mixed-replace MIME type. This could result in script running where CSP should have blocked it, allowing for cross-site scripting (XSS) and other attacks when the product renders the content as HTML. Remediating this would also need to consider the polyglot case, e.g., a file that is a valid GIF image and also valid JavaScript.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Midori Browser 跨站脚本漏洞
Vulnerability Description
Midori Browser是一款轻量级的跨平台网络浏览器。 Midori Browser 0.5.11版本(Windows 10)中存在安全漏洞。攻击者可利用该漏洞绕过Content Security Policy策略,执行代码。
CVSS Information
N/A
Vulnerability Type
N/A