Security Advisory

CVE-2016-9895

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-06-11 21:00:00

Last updated 2024-08-06 03:07:31

Assigner mozilla

State PUBLISHED

Description

Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6.

← Browse all CVEs View on cve.org ↗