SecuritySpace - CVE-2018-5164

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2018-5164

Description: Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox < 60.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2018-5164
BugTraq ID: 104139
http://www.securityfocus.com/bid/104139
http://www.securitytracker.com/id/1040896
https://usn.ubuntu.com/3645-1/

CVE ID:	CVE-2018-5164
Description:	Content Security Policy (CSP) is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting (XSS) and other attacks. This vulnerability affects Firefox < 60.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2018-5164 BugTraq ID: 104139 http://www.securityfocus.com/bid/104139 http://www.securitytracker.com/id/1040896 https://usn.ubuntu.com/3645-1/