漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
HTTPS-Only exception screen lacked anti-clickjacking delay
Vulnerability Description
The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability was fixed in Firefox 140 and Thunderbird 140.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox 安全漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Firefox 140之前版本存在安全漏洞,该漏洞源于HTTPS-Only功能异常页面缺少反点击劫持延迟,可能导致用户被诱骗加载HTTP网页。
CVSS Information
N/A
Vulnerability Type
N/A