Security Advisory

CVE-2024-0310

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-10 10:43:46

Last updated 2024-09-03 18:29:33

Assigner trellix

State PUBLISHED

Description

A content-security-policy vulnerability in ENS Control browser extension prior to 10.7.0 Update 15 allows a remote attacker to alter the response header parameter setting to switch the content security policy into report-only mode, allowing an attacker to bypass the content-security-policy configuration.

← Browse all CVEs View on cve.org ↗